www.whyville.net Jul 27, 2008 Weekly Issue



holiday50
Times Writer

How to Avoid Getting Hacked

Users' Rating
Rate this article
 
FRONT PAGE
CREATIVE WRITING
SCIENCE
HOT TOPICS
POLITICS
HEALTH
PANDEMIC

Hacking is a growing problem on Whyville. Each day, several Whyvillians are falling into fatal traps set by cruel hackers. In the virtual world, hackers are predators and we are their prey. Sometimes it is obvious when they are luring us into their traps. On Whyville, they can be seen selling accounts and scions or offering to give makeovers. Though the offer sounds enticing, in the end the hacker will rob you of everything you have worked for. Fortunately, these tricks can be avoided.

At other times, these Internet predators suddenly attack their unsuspecting and foolish prey. This shows that sometimes, the blame is on the victims rather than the hackers. Just this past week, a few of my friends lost their accounts to a brutal hacker. While talking to them, I realized that their passwords were extremely weak. When creating an account, the second order of business is to create a password. One's password should be hard to guess but easy enough for them to remember. Nonetheless, if the password is too obvious, the victim has just paved the way for a hacker to enter into their account.

As you are reading this article, pretend that a vicious hacker is trying to access your account. We'll call him "Daxter." Dax is a very greedy Whyvillian. He does not want to earn his clams. Instead, he wants to use the easiest method his lazy mind can come up with: hacking. Some of you victims are probably shrugging because you think that your password is too hard for Dax figure out. But what you don't know is that Dax has years of hacking experience behind him.

A common belief is that when hacking, hackers try difficult password combinations. This, however, is a myth. The truth is, hackers try the easiest passwords. Think about this: hacking is a convenient way of getting what you want. So it is logical for hacker to try something obvious. Every hacker has a list of commonly used passwords and they use the possibilities on the list. Meanwhile, their victims think that since hackers try complicated methods, they make their passwords easy. They think that a hacker would never think of something so clear. They even go as far as using the website's name as their password. For those of you whose passwords are "Whyville," I recommend changing it immediately.

The following are the Top 10 Obvious Passwords that a hacker tries:

1. The name of the person themselves, a relative, pet, friend, teacher or other acquaintances. Sometimes these names are followed by a number. The most common numerals are one-digit numbers such as 0 or 1.

Example: Jessica, Jessica1

2. Personal information about the person themselves, a relative, pet, friend, teacher or other acquaintances are also often used. Birthdays are popular passwords.

Example: July18, 18July, 0718, 1807

3. Sometimes, passwords are information that is commonly known. This includes the country/city in which the person lives, the name of their school, etc.

Example: TorontoOntarioCanada, TorontoCanada, OntarioCanada, Toronto, Ontario, Canada

4. People use number combinations because they are hard to guess. However, they can be quite simple. The mixtures range from 111, 222, 333 to 123, 1234, 12345, 123456, etc. Alphabet combinations are also very common, such as AAAAA, BBBBB, CCCCC, ABCD, ABCDE, etc.

5. Sometimes the password is the word "password" itself. It can also be "username" or the person's actual username. In my case, my password may be holiday50. Passwords are also founded to be related the username or the website.

Example: My username is holiday50, so it would be pretty stupid of me to make my password a holiday.

6. The religious show their faith through their password. These passwords are related to religion, popularly being religious leaders.

Example: God, Pope, Allah, Buddha, Jesus

7. You are sitting by your keyboard, anxiously trying to think of a password. As you look at your computer set up, the idea comes to you. Why not name your password after a computer part?

Example: keyboard, mouse, modem, plug

8. By looking at your keyboard, another clear idea may come to you: QWERTY, which is the first few row of letters on a keyboard.

9. Familiar lifestyle items are also used as passwords. This can be appliances, emotions/feelings, popular TV shows, etc.

Example: love, hate, money, Hannah Montana

10. Several people name their passwords after their hobbies or things they like.

Example: pizza, soccer, dogs, cats

Statistics show that a person's password describes 20% of themselves. Another statistic shows that hackers are often friends of their victims. On Whyville, who knows a lot about you? Your friends! They know your hobbies, your likes and dislikes, and the way you think. Dax, the nonexistant hacker, could very well be posing as your best friend. A few years ago I was foolishly hacked at my own fault. At the time, my favorite band was Green Day. My "friend" easily figured out my password, which was "iloveGreenDay."

So far, Dax has been unsuccessful at trying to enter your account. The Top 10 list has failed him. However, he has another trick up his virtual sleeve! The second step to hacking is using common knowledge.

Repeatedly Using the Same Password

These days, people are members of several websites. This includes Myspace, Facebook, MSN, Neopets, HabboHotel, and our very own Whyville. A lot of people use the same password for their many accounts. Let's say that in real life, you and Dax are the best of friends. You are so close that you even share your Facebook passwords with each other. Dax can easily hack you by trying your Facebook password for your Whyville account.

Cookies & How to Delete Them

Some websites have the option to "remember" you. This means that they will remember your username or password, or even both, to save you the trouble of logging in. You don't have to type in your information. With the click of a button, the website's memory will automatically write your information for you. How do they do this? Websites leave a tracking device on your computer, also known as a "cookie." This allows the website to recognize which computers are accessing the website and which of these computers want to be remembered. Hackers can easily access cookies and the information on them.

Don't be alarmed! There is an effortless method of deleting cookies. Locate your browser and follow the instructions below. If your browser is not listed, you can find how to delete cookies through a search engine.

Logging in by yourself doesn't seem like such a hassle, does it? Now you know the password mistakes made by users around the world. Nonetheless, there are also many tips to creating a difficult password.

Below, are the Top 10 Password Tips:

1. Make your password something significant from your childhood. This can be a former teacher, favourite toy, story, etc. Check a dictionary to confirm that the password isn't an existing word. Example: Mr.Tipplehorn

2. Use something specific related to your life. This can be a model of a car, a meal from a restaurant, the publishing company of a favourite book, etc. The password should not coincide with something personal about yourself.

Example: Grilledfishwithnectarinemintsalsa (Translation: Grilled fish with nectarine mint salsa)

3. Think of a phrase that you can easily remember. However, make sure that the phrase is not obvious or something you would commonly say. Then abbreviate the phrase using the first letters of every word.

Example: My favorite poet was Shel Silverstein. So, the abbreviated password would be - mfpwss

4. Instead of picking a phrase, you can also opt for a song lyric or a quote. Abbreviate what you choose.

Example: "When you look me in the eyes" would be - wylmite

5. If you speak another language, your password can be translated into that language. Only use this trick if the other language uses the English alphabet. It would not be very smart to copy and paste symbols from another language and use them as your password.

Example: Omelettedefromage - this is French for "Cheese Omelette"

6. In English, we read from left to right. A clever thing to do would be to make your password backwards.

Example: Omelettedefromage would be - egamorfedettelemo

7. Add standard symbols into your password.

Example: Ca9n3a2a, C@n$ad^a

8. Capitalize some of the letters in your password so that there are upper and lowercase letters.

Example: CaNAdA

9. Your password should be alphanumeric, meaning that it should be a combination of letters and numbers. Replace letters with numbers that resemble the letters.

Example: h4nn4m0nt4na

10. Use steps 5-9 together to form an ultra hard password.

Example: l4mPsh4D3

The ten tips above don't always guarantee a strong password. There are four levels of a password: weak, medium, strong and best. By using the ten tips, your password can still be obvious to a hacker. Even if it is something as hard as: grill3dchick3n, a hacker can still figure out this password. So, what makes a strong password?

This article is not meant to encourage hacking. It is meant to help the many users who are oblivious to hacking.

holiday50

Author's Note: Credits to Morgan612 for thinking of Daxter's last name, "Yackenshnoodle."

Sources:
http://onemansblog.com/2007/03/26/how-id-hack-your-weak-passwords/
http://security.yahoo.com/article.html?aid=2006102509
http://www.purdue.edu/securepurdue/bestPractices/passTips.cfm
http://www.workcover.com/Home/Securesite/Passwordtips/tabid/274/Default.aspx
http://www1.umn.edu/oit/security/OIT__12666_REGION1.html

 

Did you like this article?
1 Star = Bleh.5 Stars = Props!
Rate it!
Ymail this article to a friend.
Discuss this article in the Forums.

  Back to front page


times@whyville.net
9176