With the next wave blockchain technology unfolds, cryptography remains a key part of this major technology. In which cryptography is used to secure the blockchain, our passwords are used to secure many if not all of our private accounts. This includes your CryptoWallets and exchange account passwords where many people may still have very simple passwords. Understand some of the common breaches and how to safeguard against them.
Why do most new password creation require a certain length (eg: 8 with large & small CAPS)? This is no doubt to help to protect against brute force attacks. Brute force methods are similar to that of “mining” where computing power is used to calculate all the different possible hash outcome to match one’s password. Thus the difficulty and also cost of cracking the password increases exponentially with the length. This method of hacking is getting less common given that many security mediums have included limited attempts before getting locked out.
Apart from brute force tactics, a similar and more popular method is through the use of a rainbow table. A rainbow table is a huge set of precomputed table filled with hash values that are pre-matched to possible plaintext passwords (Eg: the hash for “Password1” will be cracked in seconds). This allows a hacker to crack a password code in a much shorter time and cost effective manner.
Ever heard of Keyloggers? Yes they are one the most common malware use in LAN shops / gaming account password hacking. Due to the availability of tools on keyloggers, it allows for even beginner hackers to easily to install and use. As the name says, the program works by recording all keystrokes (buttons pressed) of the infected device and sends that information to the hacker.
Last but not least, the most prolific method most people fall prey to is social hacking. Social hacking can cover a wide area of aspects but pertaining to password security, fake website masking as the original website are most commonly found. Emails and messages with links claiming for password change or login details should never be clicked. These can come from unidentified sources or even your compromised friends. With just a minor tweak in the address bar and the sites/ emails looking absolutely flawless, none would be wiser but to fall prey to such tactics.
Only being aware can one then guard against possible breaches and vulnerability. Of course one can also start by generating a longer random jumbled password to reduce the risk from both brute force and rainbow list. When it comes to keyloggers, the simplest way around it is to use the save password function on your browser. Though it is also possible to hack your browser, there are more levels of security and the required hacker’s skill level would be much higher. Tiresome it may be to remember a jumbled charactered password, it is ultimately about finding a balance between your practical usage and level of security you want. This will not only apply exclusively to your crypto wallet but also extend to other accounts.
For a very proficient hacker to gain access to your devices, it is relatively possible as your security is only as strong as the weakest link in your system. For an average joe however, the risk of such an elaborate attack is very unlikely as a hacker of that skill level would not focus his efforts on you. Unless you are being targeted of course.