Does Changing Alphanumeric Passwords Frequently Deter Random Hacking Attempts?

  • Thread starter Loren Booda
  • Start date
  • Tags
    Hacking
In summary, changing alphanumeric passwords frequently can potentially prevent hacking attempts if the hacker is relying on randomly guessing sequences of numbers and letters. However, if the hacker has already obtained a previous password through successful hacking, changing passwords may not have a significant effect. Additionally, using patterns or easily guessable words in passwords can make them more vulnerable to hacking attempts. It is recommended to use a respected random number generator to create strong passwords.
  • #1
Loren Booda
3,125
4
I have been told to change alphanumeric passwords every so often to avoid someone hacking into a website. Suppose hacking occurs only by trying randomly sequences of numbers and letters to break into the site. Would my changing passwords have any effect, on average, of the site being hacked sooner or later?
 
Mathematics news on Phys.org
  • #2
Assuming you picked a random sequence and the hacker just kept trying combinations no. whether he's attacking yesterday's pw or today's he has the same problem.

But suppose some hacker a month ago succeeded in cracking your password. And he passed it around to his friends, and they passed it to their friends, and by now every hacker in the freeping world knows it. So change it frequently if you care about being hacked.
 
  • #3
You have to remember that websites have certain limitations. For instance, a hacker could write a program to randomly guess the password until getting it correct, but the server is likely to have a limit on how frequently the bot can guess it. If the server gets 1 million requests for the script every second, the alarm bell has rung and the admin will shut off access to the site, assuming that many requests doesn't overload the site outright. If we assume that the password only includes case sensitive letters and numbers, with let's say, a maximum of 8 characters, you've still got a countless amount of possible combinations. So unless, the hacker has a million or so years to spare, he/she isn't getting in.

This issue has come up before, because there was such a program developed to hack UBB boards. UBB was at one time the most popular bulletin board software out there, and most sites with big forums had one installed. In one version, the bonehead programmers decided to do away with the case sensitive passwords. In other words, the password letmein and LeTmEiN are the same. Since 99% of users use simple words as their passwords, this gave some access to virtually any UBB on the net.
 
  • #4
As has been said already, a hacker employing a "brute force" attack, where they simply try every single permutation of the same length as your password, they are no more likely to break todays password as next months password.

However let's assume the hacker somehow succeeded in breaking your password last month. Then when you change your password this month, they must go through the process all over again, and the hacking process will take just as long... Or will it? Suppose that the hacker has broken your password a few times in the past, the hard way. Usually they don't succeed, but sometimes they do. An intelligent hacker will look at all these passwords and look for patterns. Now most of us will more than likely end up producing patterns in our passwords, especially if we have to produce one once or twice a week, or maybe more often in some jobs? These patterns won't be blindingly obvious, perhaps you have a slight tendency to use characters from the right side of the keyboard slightly more than characters from the left side, maybe 49.9% of characters come from the left side and 51.1% come from the right side. This information will slowly leak out of your passwords, and the more of your previous passwords the hacker has the more information they will likely obtain.

This information could be used to search a particular region of the permutation search space first, then simply searching the remaining space at random if the original search fails. This search will probably not hasten the cracking of your passwords by huge amounts, but it does none the less increase the probability that a hacker will crack your password within the time frame you use that password.

The above is really simple stuff, and in reality i have no idea whether it will be in any way practical, I've never tried it. But it does show how an intelligent hacker could theoretically start cracking your passwords, and that an intelligent hacker won't simply use a random search. It also goes to show that you should probably use some form of respected random number generator to produce a password, one that is respected among cryptographers wouold be a good choice.
 
  • #5
I wonder if, at this moment, hackers are getting new ideas from this.
 
  • #6
Please don't resurrect ancient threads.

- Warren
 

1. How do hackers steal passwords?

Hackers can steal passwords through various methods, such as phishing scams, data breaches, and keylogging. Phishing scams involve tricking users into giving their login credentials through fake websites or emails. Data breaches occur when a website or company's database is hacked, exposing users' passwords. Keylogging involves using software to record keystrokes and capture login information.

2. Is it easy to hack a password?

It depends on the strength of the password and the method used by the hacker. If a password is weak and easily guessable, it can be hacked quickly. However, if a password is complex and uses a combination of letters, numbers, and special characters, it can be more challenging to hack.

3. How can I protect my passwords from being hacked?

To protect your passwords from being hacked, make sure to use strong and unique passwords for each account. Avoid using easily guessable information, such as your name or birthdate. You can also use a password manager to securely store your passwords and enable two-factor authentication for an extra layer of security.

4. Can hackers use my password to access all my accounts?

If you use the same password for multiple accounts, a hacker can potentially access all of them with just one password. It is essential to use different passwords for each account to prevent this from happening.

5. What should I do if my password is hacked?

If your password is hacked, the first thing you should do is change your password immediately. Make sure to use a strong and unique password. You should also monitor your account for any suspicious activity and enable two-factor authentication if possible. If your account contains sensitive information, it is recommended to contact the company or website and inform them of the security breach.

Similar threads

Online password requirements have gotten ridiculous
    • General Discussion
2
Replies
46
Views
7K
PHP Limiting Output from Unmaintainable PHP Code
    • Programming and Computer Science
Replies
7
Views
2K
Why does biology deal with why questions?
    • Biology and Medical
Replies
1
Views
1K
Planning on studying math for the college entrance exam, help needed
    • STEM Academic Advising
Replies
4
Views
1K
A Probability via Expectation and Callen's criterion
    • Quantum Interpretations and Foundations
Replies
14
Views
2K
Lightbulb Jokes - How Many Does it Take?
    • General Discussion
Replies
2
Views
3K
Engineering Change of major as a junior: Physics or Aerospace Engineering?
    • STEM Career Guidance
Replies
4
Views
2K
Too Much Stellar Flux: Fixing a 25-year old Problem
    • Sci-Fi Writing and World Building
Replies
9
Views
2K
The Scientist as Hero - or not
    • Art, Music, History, and Linguistics
Replies
1
Views
1K
Scifi/Fantasy Novel Prologue
    • Sci-Fi Writing and World Building
Replies
1
Views
2K

Hot Threads

Recent Insights

Back
Top