Shoulder Surfing
One way of stealing a password is to stand behind a person and watch as they type it (shoulder surfing). Shoulder surfing is a direct observation technique, such as looking over someone's shoulder, used to get passwords, PINs and other sensitive personal information. It also includes listening in on a conversation, for example when you give your credit-card number over the phone. Shoulder surfing is easily done in crowded places. It is comparatively easy to stand next to someone and watch as they fill in a form, enter a PIN at an ATM, or use a calling card at a public pay phone. It can also be done from a long distance with the help of binoculars or other vision-enhancing devices. Your confidential information is at risk if your passwords are observed by shoulder surfers. They can use your password to log into your account and may harm your information.
How to prevent it?
- Be aware of shoulder surfers in public places or schools while you are entering your passwords into login accounts.
- Do not reveal your passwords in front of others or type your usernames and passwords in front of any unauthorized person.
- Cover the keyboard with paper, your hand or something else so that it cannot be seen by any unauthorized person.
Brute force attacks
Another way of stealing a password is through guessing. Hackers try all the possible combinations with the help of an individual's personal information. They will try the person's name, pet name (nickname), numbers (date of birth, phone numbers), school name and so on. When there is a large number of password combinations, hackers use fast processors and software tools to crack the password. This method of cracking a password is known as a "brute force attack".
Dictionary attacks
Hackers also try all possible dictionary words to crack your password with the help of software tools. This is called a "dictionary attack".
Sharing your passwords with strangers
Sharing passwords with unknown persons (strangers) may also lead to the loss of your personal information. They can use your login information to get access to your information. The operating system does not know who is logging into the system; it will allow any person who enters the credentials on the login page. Once strangers have access to your information, they can do anything with it: copy, modify or delete it.
Possible Vulnerabilities are
- Passwords could be shared with other people and might be misused.
- Passwords can be forgotten.
- Stolen passwords can be used by an unauthorized user, who may steal your personal information.
Good Password
- Use at least 8 characters or more to create a password. The more characters we use, the more secure our password is.
- Use various combinations of characters while creating a password. For example, create a password consisting of a combination of lowercase, uppercase, numbers and special characters.
- Avoid using words from the dictionary. They can be cracked easily.
- Create a password such that it can be remembered. This avoids the need to write passwords somewhere, which is not advisable.
- A password must be difficult to guess.
- Change the password once every 2 weeks or when you suspect someone knows the password.
- Do not use a password that was used earlier.
- Be careful while entering a password when someone is sitting beside you.
- Do not use the names of things located around you as passwords for your account.
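
The rules in the list above can be checked automatically at the moment a password is chosen. The following Python code is an added example, not part of the original article: it tests a candidate password against the length, character-mix, dictionary, personal-information and reuse rules. The small wordlist, the substitution table (0 for o, @ for a, and so on), the salted-hash history and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import string

# Constructed sample wordlist; a real check would load a full dictionary file.
SAMPLE_DICTIONARY = {"password", "dragon", "monkey", "sunshine", "welcome"}
# Common look-alike substitutions: 0->o, 1->l, 3->e, 4->a, 5->s, 7->t, @->a, $->s
LEET = str.maketrans("013457@$", "oleastas")
CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digit": string.digits,
    "special": string.punctuation,
}


def hash_password(password, salt):
    """Salted PBKDF2 hash, so the history never stores plaintext passwords."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def check_password(password, personal_info=(), history=(),
                   dictionary=SAMPLE_DICTIONARY):
    """Return the rules from the list above that the password breaks."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name} character")
    lowered = password.lower()
    normalized = lowered.translate(LEET)  # "p@ssw0rd" -> "password"
    if any(word in normalized for word in dictionary):
        problems.append("contains a dictionary word")
    # Names, pet names, dates of birth, school names and similar items.
    for item in personal_info:
        item = item.lower()
        if len(item) >= 3 and (item in lowered or item in normalized):
            problems.append("contains personal information")
            break
    # history holds (salt, digest) pairs of passwords used earlier.
    if any(hmac.compare_digest(hash_password(password, salt), digest)
           for salt, digest in history):
        problems.append("was used earlier")
    return problems


if __name__ == "__main__":
    print(check_password("P@ssw0rd1!"))
    print(check_password("rex2015", personal_info=("Rex", "2015")))
```

An empty list means the password passes every rule; each string in the result names one rule that was broken.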