Passwords are the first line of defence in any computer system. Weak passwords, or bad habits in creating them, put sensitive information in danger. In this article, we discuss bad habits in password creation, some of the attacks used to discover passwords, identification versus authentication, and the factors of authentication. Finally, guidelines for creating a strong, unique password are presented.
Many factors affect password security apart from creating a complex password. Stanislav (2015) mentioned that passwords can be compromised in many ways. For example, a user can be redirected to a fake web service that steals his login information. Additionally, a keylogger is a simple form of malware that can steal sensitive information such as passwords. Brute force attacks can also be launched to try different sets of passwords in order to identify a user's password. A password database holds protected passwords (e.g. password hashes) that can be cracked to obtain the passwords. Moreover, a hacker can use social engineering to convince users to share passwords. Finally, a lack of user awareness may lead a user to carelessly write his passwords on a sticky note on his table, where anyone can use them.
Table of Contents
Introduction
Single Password Authentication Risks
The Five Factors of Authentication.
Passwords Creation bad habits
Password Creation Guidelines
Conclusion
Future work
Reference
Research Objectives and Themes
The work examines the critical role of passwords as the primary line of defense in information security, aiming to identify common vulnerabilities caused by poor user habits and to propose effective strategies for generating strong, memorable credentials.
- Analysis of common password creation errors and vulnerabilities.
- Evaluation of authentication methods and factors.
- Examination of password-based attacks, including brute force and social engineering.
- Presentation of industry-standard guidelines for creating strong, secure passphrases.
Excerpt from the Book
Passwords Creation bad habits
Some people fall into bad habits when creating or using their passwords. These habits may lead to password leakage or, in the end, to compromise of the protected assets. For example, a user creates a very strong, complex password but can't remember it. He then decides to write it on a sticky note (see Figure 3) and put it on the monitor of his computer. As a result, everyone in the room may realise that the word written on the sticky note is most probably his password. The password is therefore no longer secret. He might also reuse his password elsewhere, in which case all accounts that use the same password are compromised (Florencio & Herley, 2007 cited in Acar, et al., 2013).
So, it doesn't matter how complex your password is if it is compromised by a bad habit. In addition, using common names, special dates, and sequences of numbers or letters is a very bad habit when creating passwords because it makes them predictable. Furthermore, when creating a password, never use a dictionary word. It can be detected easily (see Figure 1). Figure 1 illustrates a packet capture of a dictionary attack against an FTP server. In this scenario, the username of the account (its identification) is kept generic (e.g. Admin), and the attacker is trying passwords from a dictionary. Therefore, the account will be compromised if the user kept the account name generic or the password was a word from a dictionary (e.g. merlin, mercury). Last but not least, a brute force attack is normally a number of trials for a password with the aim of gaining access to an account (Rouse, 2019). A user might choose a short password (e.g. less than 8 characters). This bad habit makes it easier for the attacker to crack the password using a brute force attack with fewer trials.
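The habits named in the excerpt can be checked when a password is set. The following is an added example, not code from the article: it flags short passwords, dictionary words, sequences and dates, and estimates the brute-force search space. The sample wordlist, the function names and the 4-character run threshold are assumptions made for illustration.

```python
import math
import re
import string

# Constructed sample wordlist (assumption); a real check would use a large list.
SAMPLE_DICTIONARY = {"merlin", "mercury", "password", "admin", "welcome"}
MIN_LENGTH = 8  # the excerpt treats fewer than 8 characters as short


def has_sequence(pw, run=4):
    """True if pw holds `run` ascending, descending or repeated characters in a row."""
    codes = [ord(c) for c in pw.lower()]
    for i in range(len(codes) - run + 1):
        steps = {codes[j + 1] - codes[j] for j in range(i, i + run - 1)}
        if steps in ({1}, {-1}, {0}):
            return True
    return False


def search_space_bits(pw):
    """Upper bound on brute-force work in bits: length * log2(alphabet size)."""
    classes = [(string.ascii_lowercase, 26), (string.ascii_uppercase, 26),
               (string.digits, 10)]
    alphabet = sum(size for chars, size in classes if any(c in chars for c in pw))
    known = string.ascii_letters + string.digits
    if any(c not in known for c in pw):
        alphabet += 33  # printable ASCII punctuation plus space
    return round(len(pw) * math.log2(alphabet), 1) if alphabet else 0.0


def audit_password(pw):
    """Return the list of bad habits found in a candidate password."""
    findings = []
    if len(pw) < MIN_LENGTH:
        findings.append("short")
    letters_only = re.sub(r"[^a-z]", "", pw.lower())
    if letters_only in SAMPLE_DICTIONARY:  # word with digits/symbols tacked on
        findings.append("dictionary word")
    if has_sequence(pw):
        findings.append("sequence")
    if re.search(r"(19|20)\d{2}", pw):  # looks like a year
        findings.append("date")
    return findings


if __name__ == "__main__":
    for candidate in ["merlin", "Mercury1990", "abcd1234", "tidal-Mango-ferry-quilt"]:
        print(candidate, audit_password(candidate), search_space_bits(candidate))
```

The bit estimate is only an upper bound: a dictionary word such as `merlin` falls to a wordlist long before its nominal search space is exhausted, which is why the checks are reported separately from the estimate.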
Summary of Chapters
Introduction: Outlines the significance of passwords in modern online activities and the security threats posed by password reuse.
Single Password Authentication Risks: Details various vectors through which password security can be compromised, such as malware, phishing, and social engineering.
The Five Factors of Authentication.: Defines the authentication process and categorizes the different ways identity is verified in digital systems.
Passwords Creation bad habits: Explores common behavioral mistakes users make that render even strong passwords ineffective.
Password Creation Guidelines: Provides actionable recommendations and methodologies, such as passphrase generation, to improve password strength.
Conclusion: Summarizes the importance of psychological and technical factors in maintaining robust password security.
Future work: Suggests further research into the validation of passphrase methods regarding both security efficacy and user usability.
Reference: Lists the academic and industry sources cited throughout the article.
Keywords
Password, Hacking, Brute Force, Single password authentication, Two-factor authentication, MFA, 2FA, Cybersecurity, Password security, User behavior, Authentication factors, Digital identity, Password cracking, Passphrase, Data protection
Frequently Asked Questions
What is the core focus of this research?
The work focuses on the role of passwords as a foundational security measure and explores how user behavior and poor creation habits jeopardize system security.
What are the central themes discussed in the article?
Key themes include authentication risks, the psychological aspect of password management, password-based attack vectors, and best practices for creating secure, memorable credentials.
What is the primary objective of this study?
The primary objective is to highlight common security pitfalls and provide actionable guidelines for users and organizations to enhance password strength and effectively protect sensitive data.
Which methodology is utilized in this paper?
The paper employs a qualitative analysis of current security risks and best practices, integrating existing research on authentication, password usability, and industry standards.
What topics are covered in the main section of the paper?
The main sections cover authentication risks, factors of authentication, common bad habits in password creation, and specific strategies for crafting strong passphrases.
Which keywords define the essence of this work?
The work is defined by keywords such as Password, Hacking, Brute Force, MFA, Two-factor authentication, User behavior, and Password security.
Why is "password reuse" considered a major vulnerability?
Password reuse is dangerous because if one service is compromised, an attacker can use the same credentials to access all other accounts linked to that password, leading to a cascading security failure.
How can passphrases improve over traditional passwords?
Passphrases allow users to create longer, more complex credentials that are easier to remember than random strings of characters, thereby balancing high security with improved usability.
What role does user psychology play in password security?
Psychology is critical because even complex passwords are weak if users feel compelled to write them down or reuse them due to the inability to remember them, which the paper identifies as a significant security flaw.
- Cite this work
- Haitham Ismail (Author), 2019, Password as the first line of defence. How to create a strong and unique password, München, GRIN Verlag, https://www.hausarbeiten.de/document/506782