Creating And Encoding The Uncrackable Password

Uncrackable Password: Some of those “gurus” on the Internet have long claimed that the days of passwords are numbered and that, shortly, new recognition and security technologies (iris, fingerprint, voice commands) will turn password security into something more serious than it is today.

But that “future” has not yet arrived. On the contrary, what has become universal is data access and protection by password, both offline and online. At most, from time to time we see providers (Google, Microsoft, etc.) implement double-check protocols for the password. In other words, you can use your mobile to verify, in a second step, your access by password or its confirmation, but there has been little more innovation in this regard.

Add to all of the above the fact that security problems, the kidnapping of information and data, the criminal encryption of third-party systems, brute force attacks and other niceties are the order of the day, and we find ourselves with a panorama that is less reliable every day in terms of the personal security of our information, data, content and digital life.

So it was essential to write a post that gives everyone (with any level of training and specialization) the notions needed to create a password that is as secure, updateable, memorizable and at the same time indecipherable as possible, for as many services, systems and processes as you can imagine.

What Should Be The Perfect Password?

To begin with, we must know what the most secure password possible should be. What requirements/characteristics should it have? Well, take a mental note, because it has to be like this:

– Complex, very complex: it cannot be deciphered by so-called “dictionary attacks”, in which a powerful system tries every possible word until one of them grants access. Normally the words found in the dictionary are used, so made-up words like colcreta are “stronger” than house or poppies.

– Alphanumeric: containing letters and numbers.

– Memorizable: as easy for its legitimate owner to remember as it is difficult or impossible for third parties to discover. After all, a password that is forgotten is useless and can even harm the person who forgot it. Of course, it shouldn’t be written down anywhere to be remembered. Why does not even need explaining.

– That it does not need to be recovered: one of the most exploited security holes for discovering a password is the recovery process, launched by a third party who pretends to be the legitimate owner who has “forgotten” it.

– That it has nothing to do with us, at first glance: that is, nothing from the ID number, dates of birth, postal codes, or acronyms of names and surnames… Better yet, not even the people closest to us, who know us best, should be able to imagine it. That’s how deep a good password should be.

We could mention other features, but if a password reliably meets these requirements, we can already consider ourselves well protected.
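The requirements above that can be tested mechanically (not a dictionary word, alphanumeric, unrelated to personal data) are shown here as an added example that is not part of the original post. The function names, the tiny wordlist and the owner's details are constructed for illustration; a real check would load a full dictionary file.

```python
from datetime import date

# Constructed sample wordlist standing in for a full dictionary file.
SAMPLE_DICTIONARY = {"house", "poppies", "password", "dragon", "sunshine"}

def personal_tokens(full_name, birth, postal_code, id_number):
    """Collect strings tied to the owner that must not appear in the password."""
    parts = [p.lower() for p in full_name.split()]
    acronym = "".join(p[0] for p in parts)          # initials of names and surnames
    tokens = set(parts) | {acronym, postal_code.lower(), id_number.lower()}
    # Common ways of writing a date of birth.
    d, m, y = f"{birth.day:02d}", f"{birth.month:02d}", str(birth.year)
    tokens |= {y, d + m, m + d, d + m + y, m + d + y, y + m + d, d + m + y[2:]}
    # Very short tokens would match almost any password, so they are ignored.
    return {t for t in tokens if len(t) >= 3}

def check_password(pw, owner_tokens, dictionary=SAMPLE_DICTIONARY):
    """Return the list of requirements that pw fails (empty list = passes)."""
    problems = []
    lowered = pw.lower()
    # Drop digits and symbols so that "house123" is still seen as "house".
    letters_only = "".join(c for c in lowered if c.isalpha())
    if lowered in dictionary or letters_only in dictionary:
        problems.append("dictionary word")
    if not (any(c.isalpha() for c in pw) and any(c.isdigit() for c in pw)):
        problems.append("not alphanumeric")
    hits = sorted(t for t in owner_tokens if t in lowered)
    if hits:
        problems.append("personal data: " + ", ".join(hits))
    return problems

# Constructed owner record used only for this demonstration.
OWNER = personal_tokens("Ana Maria Lopez", date(1984, 7, 3), "28013", "12345678Z")

if __name__ == "__main__":
    for candidate in ("house123", "colcreta", "Lopez1984", "colcreta47quimbo"):
        print(candidate, "->", check_password(candidate, OWNER) or "ok")
```

Memorability and resistance to fake recovery cannot be checked this way; they depend on the owner and on the service provider.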

Types Of Attacks That A Password Can Suffer

A password can suffer various types of attack from a technically skilled criminal who wants to decipher it in order to steal it or use it illegitimately. We will mention some, because only by knowing them can we understand the kind of danger we are facing, and hence the importance of constructing or encoding the password correctly.

Dictionary attack: mentioned and explained above.

Attack by social engineering: someone who knows us, or who studies us, starts from our preferences, our behavior patterns, personal information obtained through our carelessness, or even the old method of spying on the screen when we type the password.

Attack by “keylogger”: installation of a keystroke recording application, to obtain what we have typed.

Fake recovery attack: also mentioned above. An illegitimate user launches the recovery protocol for a “forgotten” password and tries to overcome the different steps and checks that the service or software provider has put in place, so that the password is delivered to someone pretending to be its rightful owner.

System attack and decryption: the technical criminal applies decryption software to the file or folder that contains the passwords. Today this is widely anticipated and almost solved by software vendors, through good encryption and by hiding the password container file. However, capable decryption software is still available to carry out such an attack. Another day we will dedicate a post to this type of software.

As we have said before, more types of attack could be included, but to get an idea of the methods and dangers it is enough to know these and take them into account when encoding the most secure password possible.

How To Make Your Password Secure?

Creating the uncrackable password

As if it were an equation, we have a first element (the requirements that the password must meet) and a second element (the types of attack that it can suffer), so we can now set up the mental algorithm that gives us a result: the safest possible password, based on what we want to avoid, namely its being discovered, manipulated or stolen.

The following methods for creating the password we need can be made as elaborate as the user likes, without limit. The more sophisticated the use of these recommended methods, the more secure and reliable the created password will be.

Complex alphanumeric password resistant to social engineering

A password that includes letters and numbers, but that cannot be recognized or associated with our preferences, or by the people who know us best:

Password on our USB stick

An old USB memory stick, one of those that we no longer use, can become a good ally in terms of passwords and access to personal systems, whether Linux, Windows or Mac.

There are a large number of applications that turn a conventional USB stick into the “key” that activates your PC and boots your Windows, Linux or Mac OS X. Once you have installed the software that turns the stick into a boot key, the PC cannot be started without this particular USB stick configured for you. Something to keep in mind.

Modifiable, updateable and memorizable but complex password

To the previous method of encoding a password (remember that we can use a book, a certain phrase or combination of words contained in it, and the page number on which that combination appears), we can add a periodic mutation. In other words, the password can vary from time to time, adding a complement, easy for us to identify and remember, and impossible for third parties to find out.

Following the recommended example of the selected book, we could extend the password over time with, for example, the three digits that make up the total number of pages of that book, placed at the end of the password whenever we want to update it. With this we make it even more indecipherable.

Remember that a book will have a certain number of pages depending on the edition and the publisher that publishes it. Don Quixote has a different total number of pages depending on whether we take a paperback edition or one bound in sheepskin. So, even if someone discovered the book we used to encode our password, and even if they found out that we selected the first three words with which that work, or any of its chapters, begins, they would now have to face the page number on which these combinations of words are found, and the total number of pages in the specific edition of the book that we have used.

Using a virtual keyboard when entering the password

We have already mentioned that one of the most widely used password cracking attacks is the clandestine installation of a keylogger (an application that records everything we type on the device and provides it to a third party, who extracts other people's passwords from it).

To avoid this type of software that we could have installed or that could be installed without our knowledge, there is a way out: use a virtual keyboard on the screen, when it comes to entering passwords.

There are countless virtual keyboards available, free to download, for all systems (Linux, Windows, Android, Mac). So here we would have a good defensive method when it comes to “blinding” a malicious keystroke recording program. We would not use our physical keyboard to enter passwords; instead we would use the mouse and click on the virtual keyboard on the screen, so the password cannot be recorded.

Concluding

With these recommended methods of shielding and encoding a nearly impregnable password, the question of complexity is closed. With the example of the book, we wanted to show how we can encode a password based on elements that nobody could imitate, deduce, copy or discover. But, from this example, everyone can let their imagination run wild when creating the perfect password based on what they have learned and consolidated in this post.

But, the most important thing is to understand that passwords today protect everything: personal information, communications, online and offline banking systems, images, memories, secrets… everything.

Tech Updates Pro

The Tech Updates Pro team primarily focuses on giving the latest information on several topics related to Technology, Gadgets, Business, Apps, Marketing, etc. Our goal is to provide high-quality information on recent trends to our audience without bias.
