
Saturday 12 March 2011

Can Servers Be Hacked to Get Passwords?



One form of cybercrime is identity theft. In milder cases, you may have seen someone's Facebook or e-mail account hijacked and used carelessly for fun.

Many users worry that their accounts will be stolen, but do not realize that identity theft often occurs because of a lack of awareness and vigilance in looking after those accounts.

Some may think there is no point in having a strong password, because when a hacker or a malicious program takes control of the database server, he can find out all the usernames and passwords stored there. This is not entirely correct. On the database server, a password is generally stored as a hash value produced by a one-way cryptographic function, such as MD5 or SHA-1. So what you type as a password is stored in a complex form. The function is one-way, meaning that the algorithm provides no function for turning the hash value back into the original string. In this way, even the web application's developers do not know exactly what a user's password is.

Example:
MD5 hash of the password / string "abc" is 900150983cd24fb0d6963f7d28e17f72
MD5 hash of the password / string "c0mpl3xPwD" is 7df5701a8eda2733674c16252465649a

Therefore, if you forget your password, the solution a web application generally adopts is to reset the old password and provide you with a new one. If a web application can tell you your old password, that indicates the password is stored in the database as-is, exactly as you typed it, and can be read by anyone who can access the database server. Professional web applications do not do this, for security reasons.

A more realistic way for cybercriminals to learn a user's password is to exploit the user's carelessness, to try commonly used passwords (this is where strong passwords help, for example ones that combine letters and numbers and use more characters), or to use specific techniques or tools such as brute force, phishing, keyloggers, and so forth.

Some general advice for users: be careful where you record your passwords, log in only on your personal computer, change passwords periodically, do not run unknown applications, do not click URLs from untrusted sources, and use a different password for each account, especially for important accounts.
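The storage scheme and the "commonly used passwords" risk described above, as an added example that is not part of the original post. It checks unsalted MD5 hashes against a small constructed list of common passwords, then shows a hardened form (per-user salt with PBKDF2) and a reset that overwrites the record; the function names, the user "alice", the word list and the iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample list of commonly used passwords (not from the post).
COMMON_PASSWORDS = ["123456", "password", "abc", "qwerty", "letmein"]

def md5_hex(password: str) -> str:
    """Unsalted one-way hash, as in the post's MD5 example."""
    return hashlib.md5(password.encode()).hexdigest()

def is_guessable(stored_md5: str, candidates=COMMON_PASSWORDS) -> bool:
    """Audit check: does a stored hash equal the hash of a common password?"""
    return any(hmac.compare_digest(md5_hex(c), stored_md5) for c in candidates)

def hash_password(password: str, iterations: int = 600_000) -> str:
    """Hardened storage: random per-user salt plus a deliberately slow KDF."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"

def verify_password(password: str, record: str) -> bool:
    """Re-derive the hash from the login attempt; compare in constant time."""
    _, iterations, salt_hex, dk_hex = record.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))

def reset_password(db: dict, user: str, new_password: str) -> None:
    """Forgotten password: the record can only be overwritten, never read back."""
    db[user] = hash_password(new_password)

if __name__ == "__main__":
    print(is_guessable(md5_hex("abc")))         # weak password matches the list
    print(is_guessable(md5_hex("c0mpl3xPwD")))  # strong password does not
    db = {}
    reset_password(db, "alice", "c0mpl3xPwD")   # "alice" is a made-up user
    print(verify_password("c0mpl3xPwD", db["alice"]))
```

Because each record carries its own random salt, two users with the same password get different stored values, so one precomputed list of hashes cannot be matched against the whole table.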
