English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Compatible with Windows 7

Works with Windows Vista

SPAMfighter is

Microsoft Gold Certified Partner

Cyber Criminals Use Botnets to Crack Passwords

According to Microsoft's recently published results based on its honeypot scheme, most attacks that cracked passwords happened automatically with the help of botnets rather than attackers launching them directly.

Microsoft states that a lot of investigation has been conducted via hijacked computers, which are linked with an Internet Relay Chat (IRC) medium. The IRC medium is password-protected, and seeks commands like doing a scan and finding more poorly-secured computers.

During its project, Microsoft discovered that the mean (average) length of the cracked passwords was 8 characters, while the mean length of username was 6 characters.

Nevertheless, the scheme tried cracking passwords and usernames of a maximum length of 29 and 15 characters respectively.

These details underscore the importance of setting strong passwords, said Microsoft. Even passwords as long as 10-20 characters weren't sufficient if they were dictionary-based.

Besides, Microsoft's research showed that majority of the experimental attacks tried gaining access to administrator accounts of French and English PCs that employ various kinds of passwords. Subsequently, it was found that certain passwords like "123456," "changeme," "#comment:" and "password," were most commonly used, while the common usernames were "Administrateur" and "Administrator."

The security researchers stated that it was very important for a user to be careful while choosing a username and password. In case, the user account allowed an unlimited number of login trials, it could mean the task half completed if the username were known. For instance, the investigators said that once an attacker tried 400,000 times to guess the username and password of an account.

Hence, Microsoft advised end-users to set passwords by combining alphabets, numbers and some special characters of both upper as well as lower cases. Since the passwords cracked in experiments averaged of 8 characters, computer-users should go for lengthy passwords, the investigators said.

Additionally, they further advised that users shouldn't set their passwords on the basis of easily accessible or popular personal information, but choose a model which meant something exclusively to them, but something impossible for others to guess.

» SPAMfighter News - 08-12-2009

Bookmark and Share
Twitter Facebook RSS

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird

Optimize Slow PC

Optimize your Slow PC for better performance. Try FREE scan now

Exchange spam filter

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial


anti virus

Antivirus software for your Windows PC - Free 30 days trial

<<<>>>