Types of password attacks and defences

There are several different types of password attacks including brute force, dictionary, keyloggers and credential stuffing.

If you have utilised our previous guidance, you will be will have mitigated against several of them already but what about the other ones? Several of them use the same defence, so implement them and get cyber resilient.

Defences:

  • Use a complex password and require 2FA – this helps to defends against all password attacks and you should have already implemented this
  • Lock accounts after no more than 10 unsuccessful attempts – defends against a brute force attack
  • Check your physical hardware. If someone has access to your workstation, they can install a hardware keylogger to collect information about your keystrokes. Regularly inspect your computer and the surrounding area to make sure you know each piece of hardware.
  • Run a virus scan. Use a reputable antivirus software to scan your computer on a regular basis. Antivirus companies keep their records of the most common malware keyloggers and will flag them as dangerous.
  • Monitor your account compromises. There are paid services that will monitor your online identities, but you can also use free services like haveibeenpwned.com to check whether your email address is connected to any recent leaks and maybe vulnerable to credential stuffing
  • Enable encryption on your router. If your modem and router can be accessed by anyone off the street, they can use “packet sniffer” technology to see the information that is passed through it.
  • Use a VPN. A secure virtual private network (VPN) will help prevent man-in-the-middle attacks by ensuring that all the servers you send data to are trusted.

If you need some help implementing the configuration, then contact us and we can put you in touch with Trusted Partners who can help.

Next week…Routers and Firewalls – admin access

#leighonsea #essexbusiness #essex #essexnetworking #itsupport #itsupportessex #cloudsolutions #galacticait #galactica #itsupportspecialist #itsupportservices #itsupportlondon #southendonsea #southendonseabusiness #cloudsolutionprovider #microsoft #microsoft365 #microsoftazure

VIAGalactica Network Operations Centre
Galactica Group was founded in the summer of 2014 due to the fusion between Galactica IT Solutions (London) and Info Tech USA (New York). With an innovative customer-centric work-flow, the Group was designed for IT consulting and solutions, which has extended to a wide range of digital, technical, infrastructural, web and software services for businesses. Galactica Group can help with Digital transformation, Cloud Services (with a dedicated sub-branch named GITG-cloud), IT computing services, support consultation, crisis management and disaster recovery, cyber-security, network and infrastructure managed solutions while offering appropriate education support services