In computer security is established, as a general rule for choosing a particular password length, use alphanumeric characters and symbols, avoid using common words, names, surnames, family, pets, birth dates, ID numbers , phone numbers, license plate ... so that it is difficult to theft of these passwords.
In this link you can see, depending on the type of password, as it would take to discover it by brute force.
But there are other much easier ways of obtaining passwords through engineering social, tricking the user. You can even go a step further, when the user password voluntarily.
An example is the popular page to see MSN Messenger contacts have deleted or removed admission www.QuienTeAdmite.com . It must sign in with our email account to check the program to determine which users and we have deleted it or not allowed. It is a simple page that does not use any security protocol, and in which users must act in faith and trust the warning: " (do not store your password) " written below the entry field password and use policy. But this is a page in PHP, which is extremely easy to save user (email account) and password in a database. Furthermore, this course code would be executed on the server so it would be hidden from the user.
And not only is a mail account and that most users save important emails, emails with bank details, emails with other users and passwords ...
The solution is simple enough not to use such services, and in case of using them immediately change the password on the mail server options.
Not that QuienTeAdmite.com do this, but if that is possible, easy and undetectable. And the same applies to other sites that offer similar services, the choice of this particular page is because virtually every day I see someone from my contact list using it and not even stop to think about the possible consequences of their acts.
Updated: When trying to enter the website QuienTeAdmite.com the Kaspersky antivirus identifies it as a threat of phishing attack, ie password theft. As a picture is worth a thousand words just to see:
Taken from: Caminando.com.es
0 comments:
Post a Comment