...
There are two types of attacks that break into a password-protected system by attempting to guess the password: brute force and dictionary. These attacks are effectively useless against online systems; even if the system is not secured properly, the latency alone makes them impractical. However, they are very effective against local encrypted files (like your password database, or any other file you encrypt for privacy). Let's compare the two attacks against our two passwords. Let's assume the attacker is using an array of modern processors that is capable of going through

Brute Force

This technique relies on trying every possible combination of characters until the correct one is guessed, hence the name brute force. If we consider a typical brute force algorithm that attempts to guess the password with the 26 characters of the English alphabet in both upper and lower case, 10 numerical digits, and 33 special characters easily found on a QWERTY keyboard, we find:

Dictionary Attack

A dictionary attack aims to address the slowness of a brute force attack by taking advantage of people's tendency to use simple words as their passwords. It relies on the password consisting of a word or two; otherwise it becomes a brute force attack. The English language is rather rich; we'll consider a medium-sized "dictionary" of 450,000 words for this attack. (Note that the bigger the dictionary, the more likely it is to produce a successful guess, and the slower it is; the most popular password cracking dictionary contains 1,493,677,782 words.)
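The comparison described above can be carried through in a few lines. This is an added example, not part of the original page: it uses the page's 95-symbol character set and 450,000-word dictionary, while the guess rate and the two sample passwords are assumptions chosen for illustration.

```python
from typing import Optional

CHARSET = 26 * 2 + 10 + 33   # 95 symbols: the character classes counted on this page
DICT_WORDS = 450_000         # the medium-sized dictionary used on this page
GUESSES_PER_SEC = 1e10       # ASSUMPTION: placeholder rate, not the page's figure


def brute_force_guesses(length: int, charset: int = CHARSET) -> int:
    """Worst case: every string of 1..length symbols is tried."""
    return sum(charset ** n for n in range(1, length + 1))


def dictionary_guesses(word_count: int, words: int = DICT_WORDS) -> int:
    """Worst case: every sequence of 1..word_count dictionary words is tried."""
    return sum(words ** n for n in range(1, word_count + 1))


def humanize(seconds: float) -> str:
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.3f} seconds"


def compare(password: str, word_count: Optional[int]) -> dict:
    """Guess counts per attack; word_count is None when the password is
    not made of dictionary words, so only brute force applies."""
    guesses = {"brute_force": brute_force_guesses(len(password))}
    if word_count is not None:
        guesses["dictionary"] = dictionary_guesses(word_count)
    cheapest = min(guesses, key=guesses.get)
    return {"guesses": guesses, "cheapest": cheapest,
            "worst_case": humanize(guesses[cheapest] / GUESSES_PER_SEC)}


if __name__ == "__main__":
    # Constructed sample passwords (not the two passwords from the page).
    for pw, words in (("correcthorse", 2), ("x7#Qp!2m", None)):
        r = compare(pw, words)
        print(f"{pw!r}: cheapest attack = {r['cheapest']}, "
              f"exhausted in at most {r['worst_case']}")
```

At the assumed rate, the 12-character two-word password falls to the dictionary attack in seconds, while the shorter random password forces the attacker back to brute force.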
Two Factor Authentication
...
Two-factor authentication is a method of confirming a user's identity with two pieces of identification (factors), to add an extra layer of security. Your password may be very well crafted, but it's only secure as long as no one else can see it. If your password becomes known to a third party, a second factor of authentication can keep your information secure.
The basic concept of most two-factor authentication systems is to use something you know (your password) as well as something you have (fingerprint, access to a cell phone, or a secure token). Even if someone gets a hold of your password, they won't be able to access your files/accounts without also having access to your second authentication factor.
It is recommended to always use two-factor authentication when available. In today's world, where attackers have more and more ways to intercept passwords, a second factor of authentication is often the only way to stop unauthorized access.
When setting up two-factor authentication, you're given the option to generate permanent recovery codes. These are to be used if you lose access to your second factor (your phone, for example). Write these codes down and store them in a secure location. If you lose access to your second factor and you don't have a recovery code, you may not be able to regain access to your accounts.
For software-based token authentication, we recommend LastPass Authenticator (https://lastpass.com/auth/). If used in conjunction with the LastPass password manager, it allows you to securely and easily back up your authentication codes in your LastPass vault, making it easy to recover access to all your accounts in case your phone gets lost or damaged.
Anti Virus
...
Encryption
We'll describe three types of encryption technologies/algorithms we recommend, and go into detail on how and when to utilize each.
...