Cyber Safety ! ! !

ax3 · 25-11-2005, 06:02 PM

In an article (Is your child safe in cyberland ?) of Yesterdays (24 Nov 2005) Times Of India, Mr. Vijay Mukhi has stated abt 2 programs : Passware & Outlook passbook recover ...

through these softwares a person can find out ur LONG, mixed or strong passwords ...

its really shocking 2 find out that all ur passwords from Outlook Express have been hacked ...

whot steps should v take 2 avoid being hacked ???

& how 2 protect my outlook express being hacked ???

anandk · 25-11-2005, 08:00 PM

keep a strong password, atlst 8 characters, alph-numeric, capital + small letters, special-signs like '&, etc" in it too. change frequently.

use a good 'security suite'
lemmee c, what else .....

this cant-n-mouse game will go on. dont take it so seriously.

Deep · 26-11-2005, 12:50 AM

hmm actually it is not really possible to hack the good password, good password means, the one which is not common...

it will be easy to hack password like admin123 or say passw0rd...but if the password is say a$a*dmin123 then it will be difficult to hack coz it includes the characters which are not common and not easily imaginable...

These softwares use Brute Force menthod or directory method to get the password....

They try the file with all the passwords in their directory and if ur one matches with the one present in their directory..then bingo!!!!..you are in...

So moral of the story is, keep strong passwords which no one can think of

Deep

it_waaznt_me · 27-11-2005, 04:14 PM

Hmmm.. That reminds me of Firefox which (incredibly) stores the passwords in text format which anyone can read .. So much for "secured browser" ..

Deep · 27-11-2005, 04:17 PM

Quote:

Originally Posted by it_waaznt_me

Hmmm.. That reminds me of Firefox which (incredibly) stores the passwords in text format which anyone can read .. So much for "secured browser" ..

and this reminds me of Mumbai Meet II and sourabh

Choto Cheeta · 27-11-2005, 04:24 PM

Quote:

Originally Posted by Deep

it will be easy to hack password like admin123 or say passw0rd...but if the password is say a$a*dmin123 then it will be difficult to hack coz it includes the characters which are not common and not easily imaginable...

now can some tell me that HOW a password works??

the word has to be saved in the server where i am loging in... otherways how can it match the password enter by the user??

so if some one can gain access to that area... or can bridge the encription... then??

Quote:

Originally Posted by it_waaznt_me

Hmmm.. That reminds me of Firefox which (incredibly) stores the passwords in text format which anyone can read .. So much for "secured browser" ..

by the way... FF does hold a option where u can password those passwrods...

it_waaznt_me · 27-11-2005, 04:32 PM

Yupp @ Deep ..

@ Saurav: It _never_ asks you to create a master password and _never_ tells you that this password is saved as simple ASCII ..

Deep · 27-11-2005, 04:36 PM

Hi,
Recently few people had managed to decrypt the passwords stored in few microsoft office formats (I think some old encryption format it was)

and then people managed to decrypt the password stored by MSN Messenger too..

But I do not think it will be easy to decrypt the passwords which are stored in latest encryption format provided by Office 2003 or other latest versions of software.

Storing of password totally depends upon the application..If I am not wring then account info is stored in encrypted format in the registry.

And for online applications ofcourse it is stored in the database online and in encrypted format....many online applications use MD5 but there are many others too which prefer using their own encryption format..and decrypting all these format is next to impossible...

So easier way would be brute force method or dictionary method attack....

So even if someone gets into their database then also they wont be able to steal the password because it is not possible to decrypt it (even for the server admin too)

I hope this clears your doubt.

Regards,
Deep

Choto Cheeta · 27-11-2005, 04:39 PM

Quote:

@ Saurav: It _never_ asks you to create a master password and _never_ tells you that this password is saved as simple ASCII ..

& do u know?? how many times this feature saved my life?? or should i say this gave a very bad habit or forgetting passwords...

lol.. lol...

Choto Cheeta · 27-11-2005, 05:37 PM

Quote:

Originally Posted by Deep

there are many others too which prefer using their own encryption format..and decrypting all these format is next to impossible...

then how can there won service is working... there has to be a method by which there own services access those encripted data...

isnt it??

so if some one know (may not in india (right now) but can happen with geeks seating in china or US) how that company services access those encripted data then??