Abstract- The primary goal of the paper is to provide information about strengths and weaknesses of passwords.Also, we will focus upon the threats or possible security issues of passwords. Further, we will describe implicit weaknesses of some of the implementations,including the impact and risk of brute force, password guessing, awareness about presence of key loggers in public computers and prevention, „phishing‟, a technique to hack online passwords and we will also see the most efficient technique of password cracking i.e. ‟Rainbow table.‟ The secondary goal is to bring awareness in mass about the possible threats they can suffer from and provide solutions by keeping a strong password. The fact is that it doesn‟t do much good to lock all the doors if you leave a window open. Also, we will put some light on measures to be taken if the password is hacked. Finally, we hereby, provide a source of information containing advice and references for securing systems containing the implementations as covered in this paper.
I. INTRODUCTION
A password in the virtual world is something like a lock in the world of reality. We all encounter passwords when entering Internet, using networks, receiving e-mail etc.Naturally, there are people out there who want to get your passwords. Here we provide you some requisite information about how they do it and how you can protect yourself. In today‟s business environment, your corporate email security strategy is only as strong as its weakest link. Those who do not use strong passwords and password practices are often their own worst enemy. The risks are real, they affect you either directly or indirectly and they can be diminished by using strong passwords and password practices. Therefore, it is no longer simply a matter of using strong passwords and changing them often. Rather, we need to adopt a more realistic approach to password use and protection.
II. FORMAL DEFINITION OF PASSWORD
“A password is information associated with an entitythat confirms the entity‟s identity.” A password is a secret known only to you. A password provides access to a service for a specific user and is used to verify the identity of the user. The system can be your home computer, your email account, your online bank account or any web account. If your password is captured, guessed or stolen, someone could impersonate you online, steal money from your online bank account, send emails in your name or change files on your computer – to name just a few of the possible outcomes.
III. NEED FOR PASSWORD PROTECTION
You may not be a billionaire to have your bank accounts over flowing but it is of prime importance to have privacy, safety and security in your personal and professional world. While it may seem a pain to some to change their passwords very often and remember them, but once your password is cracked, whoever has found it or taken it now has access to all your information quickly and easily. A few moments of effort on your part can save you from a lot of problems later. Imagine yourself in the world without passwords. Your personal mails would have been accessed by anybody. Money in accounts would not be safe. Password protection is not perfect but it just may deter someone from stealing your data. Passwords have become the dominant means of access control to online services. With this success has come an enormous variety of attacks: each login page represents an opportunity for an attacker who is just a short sequence of characters away from someone else’s email, banking, medical or social networking accounts. Also, passwords can provide different access permissions to users. In general, anybody can access any data or information if password is not allotted but requiring a username and password to access various sensitive areas allows you to restrict access to only a chosen few people who know the secret codes.
