Psst. I know your password

Wednesday, 22 May 2002, 3:54 PM EST

Retrieving the password file from one of the health care company's servers, the consulting firm put "John the Ripper," a well-known cracking program, on the case. While well-chosen passwords could take years--if not decades - of computer time to crack, it took the program only an hour to decipher 30 percent of the passwords for the nearly 10,000 accounts listed in the file.

"Just about every company that we have gone into, even large multinationals, has a high percentage of accounts with easily (cracked) passwords," said Greg Shipley, director of consulting for Neohapsis. "We have yet to see a company whose employees don't pick bad passwords."

[ Read more ]

Related items




Spotlight

How security pros deal with cybercrime extortion

1 in 3 security professionals recommend negotiating with cybercriminals for the return of stolen data or the restoration of encrypted files. 86% of security professionals believed their peers at other organizations have brokered deals with cybercriminals.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Wed, Apr 1st
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //