The attackers are the easiest to crack passwords, indicating simple words like password or qwerty, as well as showing your personal data – name, date of birth and phone numbers, told RIA Novosti interviewed experts.
According to the head of the research group of Department of Analytics of information security Positive Technologies Catherine Krusevo, the use of weak passwords for many years, is one of the main disadvantages of protection. When conducting internal pentelow (penetration test of a corporate network) in 96% of the companies were able to glean user credentials, and the main disadvantages of protecting steel that is simple, user passwords, she said.
“The results of internal and external penetration testing conducted by our experts last year revealed that one of the most popular password format “Mesazhet” in Latin layout, for example, Ltrf,hm2019 or Fduecn2019. These passwords were found in every third of the company, and in the same organization they have been matched for more than 600 users,” – said Milusheva.
The head of the “cyber security Agency”, member of expert Council of state Duma Committee on information policy Evgeny Lifshitz added that criminals usually work, the method of brute force – first for login attempts move the dictionaries installed by default most popular and simple passwords, and then in the course are the passwords according to the results of social engineering (e.g., name, year of birth).
“Thus, it is possible to give a definite recommendation not to use the default passwords and not to use weak passwords, which will go bust in the first place. This sequence of numbers: 12345, date of birth: 01.01.1990, phone numbers, simple words like password or qwerty,” advises the expert.
At risk also are the passwords in the format “name + year of birth”, the names of relatives: such data are easy to find in the public domain, for example, in social networks, said the Director of Department of corporate sales at ESET Russia Anton Ponomarev.
“Passwords consisting of random letters, numbers and symbols to crack the most difficult, but, of course, much depends on their length,” said the founder of DeviceLock Oganesyan.