Presentation is loading. Please wait.

Presentation is loading. Please wait.

Operating Systems 1: Password Hacking

Published byLeif Henningsen Modified over 5 years ago

Similar presentations

Presentation on theme: "Operating Systems 1: Password Hacking"— Presentation transcript:

1 Operating Systems 1: Password Hacking
Damian Gordon

2 Password Hacking Let’s start by looking at the most commonly used passwords in 2018. The top 100 are here: passwords/

3 Most Common Passwords 2018 The worst passwords you can choose:
# #2 password # # # # # #8 sunshine #9 qwerty #10 iloveyou #11 princess #12 admin #13 welcome # #15 abc123 #16 football # #18 monkey # #20

4 Most Common Passwords 2018 The worst passwords you can choose:
#21 charlie #22 aa123456 #23 donald #24 password1 #25 qwerty123 #26 zxcvbnm # #28 bailey #29 freedom #30 shadow #31 passw0rd #32 baseball #33 buster #34 daniel #35 hannah #36 thomas #37 summer #38 george #39 harley #

5 Most Common Passwords 2018 The worst passwords you can choose:
#21 charlie #22 aa123456 #23 donald #24 password1 #25 qwerty123 #26 zxcvbnm # #28 bailey #29 freedom #30 shadow #31 passw0rd #32 baseball #33 buster #34 daniel #35 hannah #36 thomas #37 summer #38 george #39 harley #

6 Most Common Passwords 2018 The worst passwords you can choose:
#21 charlie #22 aa123456 #23 donald #24 password1 #25 qwerty123 #26 zxcvbnm # #28 bailey #29 freedom #30 shadow #31 passw0rd #32 baseball #33 buster #34 daniel #35 hannah #36 thomas #37 summer #38 george #39 harley #

7 Password Tips (1 of 2) The average length is 7-9 characters (a lot of companies do “month you joined” + “Day”, e.g. March04) The average person knows about 75,000 words There’s a 50% chance someone’s password will contain vowels Women prefer names in their passwords, men prefer hobbies and movies

8 Password Tips (2 of 2) If there’s a number in the password, it’s most likely 0, 1, or 2, and most likely towards the end of the password If there’s a capital letter, it’s usually at the start of the password, and followed by a vowel 65% of people have a maximum of 3 passwords for all of the accounts ( , social media, PC, etc.) 1 in 100 people will have the top 100 Most Common Passwords.

9 Password Hacking Easy to hack passwords are:
#1 Repeating previously used passwords #2 Names of close family members or friends #3 Your name #4 Words in the dictionary #5 Common names #6 Repeating your login code #7 Keyboard patterns and swipes (i.e., or QWERTY)

10 Hacking Attacks Common hacking attacks are: #1 Dictionary Attack
#2 Brute Force Attacks #3 Rainbow Table Attacks #4 Phishing #5 Social Engineering #6 Malware/Key loggers #7 Shoulder surfing #8 Spidering

11 Hacking Attacks Common hacking attacks are:
#1 Dictionary Attack: The dictionary attack uses a simple file containing words that can be found in a dictionary, hence its rather straightforward name. In other words, this attack uses exactly the kind of words that many people use as their password. Cleverly grouping words together such as "letmein" or "superadministratorguy" will not prevent your password from being cracked this way – well, not for more than a few extra seconds.

12 Hacking Attacks Common hacking attacks are:
#2 Brute Force Attacks: Similar to the dictionary attack, the brute force attack comes with an added bonus for the hacker. Instead of simply using words, a brute force attack lets them detect non- dictionary words by working through all possible alpha-numeric combinations from aaa1 to zzz10. It’s not quick, provided your password is over a handful of characters long, but it will uncover your password eventually.

13 Hacking Attacks Common hacking attacks are:
#3 Rainbow Table Attacks: Rainbow tables are a list of pre-computed hashes – the numerical value used when encrypting a password. This table contains hashes of all possible password combinations for any given hashing algorithm. Rainbow tables are attractive as it reduces the time needed to crack a password hash to simply just looking something up in a list.

14 Hacking Attacks Common hacking attacks are:
#4 Phishing: There's an easy way to hack: ask the user for his or her password. A phishing leads the unsuspecting reader to a faked log in page associated with whatever service it is the hacker wants to access, requesting the user to put right some terrible problem with their security. That page then skims their password and the hacker can go use it for their own purpose.

15 Hacking Attacks Common hacking attacks are:
#5 Social Engineering: Social engineering takes the whole "ask the user" concept outside of the inbox that phishing tends to stick with and into the real world. A favourite of the social engineer is to call an office posing as an IT security tech guy and simply ask for the network access password. You’d be amazed at how often this works. Some even have the necessary gonads to don a suit and name badge before walking into a business to ask the receptionist the same question face to face.

16 Hacking Attacks Common hacking attacks are:
#6 Malware/Key loggers: A keylogger, or screen scraper, can be installed by malware which records everything you type or takes screenshots during a login process, and then forwards a copy of this file to hacker central. Some malware will look for the existence of a web browser client password file and copy this which, unless properly encrypted, will contain easily accessible saved passwords from the user's browsing history.

17 Hacking Attacks Common hacking attacks are:
#7 Shoulder surfing: The most confident of hackers will take the guise of a parcel courier, aircon service technician or anything else that gets them access to an office building. Once they are in, the service personnel "uniform" provides a kind of free pass to wander around unhindered, and make note of passwords being entered by genuine members of staff. It also provides an excellent opportunity to eyeball all those post-it notes stuck to the front of LCD screens with logins scribbled upon them.

18 Hacking Attacks Common hacking attacks are:
#8 Spidering: Savvy hackers have realised that many corporate passwords are made up of words that are connected to the business itself. Studying corporate literature, website sales material and even the websites of competitors and listed customers can provide the ammunition to build a custom word list to use in a brute force attack. Really savvy hackers have automated the process and let a spidering application, similar to those employed by leading search engines to identify keywords, collect and collate the lists for them.

19 Password Hacking Who has been hacked already? Yahoo 3 billion accounts
How many? When? Yahoo 3 billion accounts 2014 eBay 150 million accounts Equifax 200, 000 accounts, including credit cards 2017 Uber 57 million accounts 2016 LinkedIn 6.5 million accounts 2012 Exactis 340 million accounts 2018 VTech 6.3 million accounts 2015 Sony 77 million accounts 2011

20 Password Hacking Sample Hack: How to bypass the Android 5.0 Lock Screen Click on Emergency Dialler option Keep on typing any random numbers and characters until it reaches its maximum limit Write down the number that you have typed Open the camera that you can even access with a locked screen Try to drag the screen downward and it will ask you to enter a password. There paste in the code that you had copied If the camera app doesn’t crash then repeat step from 1 to 5 while pressing the volume keys while pasting the code in Repeat this until the camera app crashes and you moved to main menu with unlocked screen.

21 Password Hacking Tools
#1 Brutus #2 RainbowCrack #3 Wfuzz #4 Cain and Abel #5 John the Ripper #6 THC Hydra #7 Medusa #8 OphCrack #9 L0phtCrack #10 Aircrack-NG

Download ppt "Operating Systems 1: Password Hacking"

Similar presentations

Directorate of Learning Resources Accessing electronic journals from off-campus This causes lots of headaches, but dont despair, heres how to do it! If.

Directorate of Learning Resources Accessing electronic journals from off-campus This causes lots of headaches, but dont despair, heres how to do it! If.
Accessing electronic journals from off- campus This causes lots of headaches, but dont despair, heres how to do it! (Please note – this presentation is.

Accessing electronic journals from off- campus This causes lots of headaches, but dont despair, heres how to do it! (Please note – this presentation is.
Fox Scientific, Inc. ONLINE ORDERING 101. Welcome to our website On our main page you can find current promotions, the vendors we offer, technical references.

Fox Scientific, Inc. ONLINE ORDERING 101. Welcome to our website On our main page you can find current promotions, the vendors we offer, technical references.
 The easiest way to put Ubuntu onto your stick is to use the USB installer provided at pendrivelinux.com.pendrivelinux.com  You’ll need to download.

 The easiest way to put Ubuntu onto your stick is to use the USB installer provided at pendrivelinux.com.pendrivelinux.com  You’ll need to download.
Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.

Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.
Downloading and Installing AutoCAD Architecture 2015 This is a 4 step process 1.Register with the Autodesk Student Community 2.Downloading the software.

Downloading and Installing AutoCAD Architecture 2015 This is a 4 step process 1.Register with the Autodesk Student Community 2.Downloading the software.
Start the slide show by clicking on the Slide Show option in the above menu and choose View Show”. or – hit the F5 Key.

Start the slide show by clicking on the "Slide Show" option in the above menu and choose "View Show”. or – hit the F5 Key.
Threats to I.T Internet security By Cameron Mundy.

Threats to I.T Internet security By Cameron Mundy.
Start the slide show by clicking on the Slide Show option in the above menu and choose View Show”. or – hit the F5 Key.

Start the slide show by clicking on the "Slide Show" option in the above menu and choose "View Show”. or – hit the F5 Key.
Start the slide show by clicking on the Slide Show option in the above menu and choose View Show”. or – hit the F5 Key.

Start the slide show by clicking on the "Slide Show" option in the above menu and choose "View Show”. or – hit the F5 Key.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. Emails. Safe browsing for shopping and online banks. Social media.

CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.

Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.
MAKING GOOD PASSWORDS (AND HOW TO KEEP THEM SAFE).

MAKING GOOD PASSWORDS (AND HOW TO KEEP THEM SAFE).
Start the slide show by clicking on the Slide Show option in the above menu and choose View Show”. or – hit the F5 Key.

Start the slide show by clicking on the "Slide Show" option in the above menu and choose "View Show”. or – hit the F5 Key.
Microsoft Windows LEARNING HOW USE AN OPERATING SYSTEM 1.

Microsoft Windows LEARNING HOW USE AN OPERATING SYSTEM 1.
Staying Safe Online Keep your Information Secure.

Staying Safe Online Keep your Information Secure.
IT security By Tilly Gerlack.

IT security By Tilly Gerlack.
CIS 450 – Network Security Chapter 8 – Password Security.

CIS 450 – Network Security Chapter 8 – Password Security.
In addition to Word, Excel, PowerPoint, and Access, Microsoft Office® 2013 includes additional applications, including Outlook, OneNote, and Office Web.

In addition to Word, Excel, PowerPoint, and Access, Microsoft Office® 2013 includes additional applications, including Outlook, OneNote, and Office Web.
Download Dropbox Download should start immediately Save download file:

Download Dropbox Download should start immediately Save download file:

Similar presentations

Ads by Google