Types of password attacks and defences
There are several different types of password attacks including brute force, dictionary, keyloggers and credential stuffing.
If you have utilised our previous guidance, you will be will have mitigated against several of them already but what about the other ones? Several of them use the same defence, so implement them and get cyber resilient.
- Use a complex password and require 2FA – this helps to defends against all password attacks and you should have already implemented this
- Lock accounts after no more than 10 unsuccessful attempts – defends against a brute force attack
- Check your physical hardware. If someone has access to your workstation, they can install a hardware keylogger to collect information about your keystrokes. Regularly inspect your computer and the surrounding area to make sure you know each piece of hardware.
- Run a virus scan. Use a reputable antivirus software to scan your computer on a regular basis. Antivirus companies keep their records of the most common malware keyloggers and will flag them as dangerous.
- Monitor your account compromises. There are paid services that will monitor your online identities, but you can also use free services like haveibeenpwned.com to check whether your email address is connected to any recent leaks and maybe vulnerable to credential stuffing
- Enable encryption on your router. If your modem and router can be accessed by anyone off the street, they can use “packet sniffer” technology to see the information that is passed through it.
- Use a VPN. A secure virtual private network (VPN) will help prevent man-in-the-middle attacks by ensuring that all the servers you send data to are trusted.
If you need some help implementing the configuration, then contact us and we can put you in touch with Trusted Partners who can help.
Next week… Routers and Firewalls – admin access
#leighonsea #essexbusiness #essex #essexnetworking #itsupport #itsupportessex #cloudsolutions #galacticait #galactica #itsupportspecialist #itsupportservices #itsupportlondon #southendonsea #southendonseabusiness #cloudsolutionprovider #microsoft #microsoft365 #microsoftazure