Week 3 - Password Security

Question 1

What are the three aspects of password security?

Answer 1

• Generation
• Storage
• Attacking

Question 2

What makes a password strong?

Answer 2

length and number of random characters

= High entropy

Question 3

Problems with High Entropy Passwords?

Answer 3

• predictable and common passwords
• e.g password1234

Question 4

What is the “Three Random Words” approach?

Answer 4

Use three unrelated words to create memorable yet secure passwords.

Question 5

What is a one-time Paswords (OTP)?

Answer 5

a random password valid for a limited time

Question 6

How should passwords be stored securely?

Answer 6

• Don’t store password as plaintext in database
• use hashing - Encrypt passwords with a one-way hash function
• Add Salts to password - random value appended to password, prevents same passwords having same hash

Question 7

What is a brute force attack?

Answer 7

attacker attempts all possible passwords to gain access

Question 8

What is Password guessing?

Answer 8

attack has know info about victim/system and is able to exploit it

Question 9

What is a dictionary attack?

Answer 9

attacker uses every password from a prededefined list

Question 10

What is a precomputed hash table?

Answer 10

using a table of common hash functions + passwrods, they determine if the orignal password.