New research shows that reusing similar passwords across multiple online accounts may make you more vulnerable to hackers’ guessing. In other words, it appears that the threat of online password guessing is severely underestimated.
Targeted online guessing is when cyber criminals guess a specific victim’s password for an account. How can they just guess someone’s password, you ask? By abusing knowledge of their victim’s personal information – anything from their birthday, name and other personally identifiable information to passwords that the target uses on other online accounts.
Now, security experts in the UK and China reveal that a huge number of passwords for online accounts – from social media to banking – are vulnerable to targeted online guessing. This is because many people reuse passwords across many web-based services and also use their personal information within their passwords.
“We are finding that targeted online guessing threats are increasingly more damaging and realistic. This is a serious security concern as there are large amounts of personally identifiable information, and leaked passwords readily available to criminals due to lots of million-sized data breaches like Yahoo, Myspace, LinkedIn, Dropbox and VK.com,” explains Professor Ping Wang, co-author of the new study.
The takeaway message? Do not reuse similar passwords.
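A password-change check built on the two weaknesses described above (personal information inside the password, and near-copies of a password used elsewhere) is shown here as an added example; it is not code from the study. The profile fields, the stored passwords, the substitution table and the 0.7 similarity threshold are all assumptions made for illustration, and the check is meant to run where the user's other passwords are legitimately available, such as inside a password manager.

```python
from datetime import date
from difflib import SequenceMatcher

# Undo common character substitutions before comparing ("P@ssw0rd" -> "password").
LEET = str.maketrans("013457@$!", "oieastasi")

def normalize(pw):
    return pw.lower().translate(LEET)

def date_fragments(d):
    """Digit strings people commonly derive from a date (year, MMDD, DDMM)."""
    return {d.strftime(fmt) for fmt in ("%Y", "%m%d", "%d%m")}

def password_risks(candidate, personal_info, known_passwords, threshold=0.7):
    """Return (kind, detail) findings; an empty list means no check fired."""
    findings = []
    raw, norm = candidate.lower(), normalize(candidate)
    for field, value in personal_info.items():
        if isinstance(value, date):
            # Dates are matched on the raw digits, before substitutions are undone.
            for frag in sorted(date_fragments(value)):
                if frag in raw:
                    findings.append(("personal-date", f"{field}:{frag}"))
        else:
            token = normalize(str(value))
            if len(token) >= 3 and token in norm:
                findings.append(("personal-info", field))
    # A small edit of a password used elsewhere is still a reused password.
    for label, other in known_passwords.items():
        ratio = SequenceMatcher(None, norm, normalize(other)).ratio()
        if ratio >= threshold:
            findings.append(("similar-to-known", label))
    return findings

# Constructed sample data, not taken from any real account.
PROFILE = {"first_name": "John", "last_name": "Smith", "birthday": date(1987, 3, 14)}
KNOWN = {"old-webmail": "Summer2016!"}

if __name__ == "__main__":
    for pw in ("J0hnSmith1987", "Summer2017!!", "vR7#qLp2-zeTw9Kd"):
        print(pw, password_risks(pw, PROFILE, KNOWN))
```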
Source: Lancaster University (http://www.lancaster.ac.uk/news/articles/2016/online-password-guessing-threat-underestimated/)