World Password Day: Can We Leverage Technology To Protect Passwords From Hackers?

password hackers

We have seen a rise of cyberattacks in the recent past. One of the juiciest targets for malicious hackers is the password, a string of letters, numbers and characters used to authenticate online users. On the occasion of World Password Day, we take a look at why companies and developers should leverage the best techniques to protect passwords.

As more people move to virtual online usage, protecting passwords becomes more important. According to research, there is a psychological challenge among people when it comes to managing passwords which can be easily exploited by hackers. 

We already know that passwords also should be strong enough. They should be at least 15 characters long with both uppercase letters, lowercase letters numbers and special characters. 

Subscribe to our Newsletter

Join our editors every weekday evening as they steer you through the most significant news of the day, introduce you to fresh perspectives, and provide unexpected moments of joy
Your newsletter subscriptions are subject to AIM Privacy Policy and Terms and Conditions.

According to Adam Palmer, Chief Cybersecurity Strategist at Tenable, “Every time a researcher with time on their hands searches through the stolen password databases, it reveals millions are still using 123456 as a password, so the chances of changing password behaviour are nothing short of a miracle.”

Weak passwords serve as a huge security threat for millions of businesses. But, passwords are anyway the most used authentication tool in today’s era even though other authentication techniques have been in place for years such as two-factor authentication, biometrics and hardware tokens. 

With each new online account, people have to remember new passwords and so it’s better to use a password manager that has hashing algorithms. Password protection should be designed in a way that they are free from vulnerabilities and sophisticated attacks such as man-in-the-middle. 

Hackers Will Do Everything To Crack Passwords

There are multiple automatic attack schemes which hackers can leverage to exploit enterprise systems. “The sheer volume of stolen users’ passwords available for sale on the dark web highlights that the problem is less about having strong passwords or phrases, and more about users creating unique codes for each online account to limit the damage from database breaches,” Palmer said.

Storing passwords in an unencrypted format is like a sin, and companies doing that are waiting to just get hacked. Developers need to create cryptographically protected systems so that hackers do not gain access to passwords. Also, there needs to be a limited number of access attempts to login attempts on any system.  This prevents Brute Force attacks to happen. 

Also, merely relying on encryption is not enough as hackers can even crack through encryption. In a case when a malicious entity gains access to the encryption key, encryption would serve quite useless. 

Advanced Techniques Are Needed For Safeguarding Passwords

Developers need to, therefore, rely upon advanced techniques, like hash functions, salt to make sure that hackers are prevented from gaining access to passwords. Most of the modern-day passwords rely on matching the computed hash with the stored hash to gain access to web services. Every unique password is represented by the same length hashes, and hackers cannot access them or decode passwords easily unless through means like rainbow tables. 

Hashing can be made stronger by using additional data known as salt. Salt is also called a nonce, which is a number used once. And it generates a random string of bytes that can be included in the hash calculation along with the actual password. It also prevents users with the same password getting the same hash. 

“Given the reliance on passwords doesn’t appear to be reducing, and if anything, our virtual identities are increasing, password managers that create and store complex passwords are essential. This year, as a spotlight is once again on passwords, instead of advocating complex recipes and codes, do yourself a favour and automate,” added Palmer.

Vishal Chawla
Vishal Chawla is a senior tech journalist at Analytics India Magazine and writes about AI, data analytics, cybersecurity, cloud computing, and blockchain. Vishal also hosts AIM's video podcast called Simulated Reality- featuring tech leaders, AI experts, and innovative startups of India.

Download our Mobile App

MachineHack | AI Hackathons, Coding & Learning

Host Hackathons & Recruit Great Data Talent!

AIMResearch Pioneering advanced AI market research

With a decade of experience under our belt, we are transforming how businesses use AI & data-driven insights to succeed.

The Gold Standard for Recognizing Excellence in Data Science and Tech Workplaces

With Best Firm Certification, you can effortlessly delve into the minds of your employees, unveil invaluable perspectives, and gain distinguished acclaim for fostering an exceptional company culture.

AIM Leaders Council

World’s Biggest Community Exclusively For Senior Executives In Data Science And Analytics.

3 Ways to Join our Community

Telegram group

Discover special offers, top stories, upcoming events, and more.

Discord Server

Stay Connected with a larger ecosystem of data science and ML Professionals

Subscribe to our Daily newsletter

Get our daily awesome stories & videos in your inbox