Hackers EASILY see your password!
Vložit
- čas přidán 3. 02. 2023
- You aren't going to believe how quickly your password can be cracked - watch this now!
If you think your password is secure - think again!
How Hackers can EASILY steal your password!
SUBSCRIBED YET?
czcams.com/users/LironSege...
#TheTechieGuy
Need to get faster wifi and faster internet? Is your gaming lagging and your zoom buffering? What is a Mesh WiFi and WiFi 6?
I show you all you need to know about faster and better connectivity with the best router settings, wifi optimization, wifi tips and internet bandwidth performance tricks and even boosting speed apps.
My name is Liron Segev, aka TheTechieGuy, and I make tech simple for everyone to understand - I answer your technology questions making so you are more productive more efficient, and getting more out of your phones, gadgets, and apps
Liron Segev aka TheTechieGuy
TheTechieGuy.com
FYI: As an Amazon Associate I earn from qualifying purchases - Věda a technologie
Please be careful with words. Longer passwords don’t take “5 years” or “400 years”. They take UP TO that time. They can also be cracked in 5 seconds with luck. And that’s where some hacking/cracking really gets a lot of its success: luck. It’s weighted luck in that skill is involved to improve the odds, but still, luck is a factor.
its all about the odds and probabilities. The odds of your Upper Case, Lower Case, Special Character 9 character word or phrase being in the wordlist becomes smaller and smaller the more complicated it is. If you are that unlucky to pick a phrase that is in the wordlist, it can be seconds. But the probability of that is tiny.
And we're really talking about user passwords in a database. Even if it's a few seconds for each password, that's multiplied by millions of accounts.
@@LironSegev
HI Mr Segev,
Do you have any solution to unlock the bios password for Dell latest computers like 7400 etc...?!
Ps : a software solution not removing the bios and flash it, I know this one.
Thanks.
Password entropy is
Length * log (# of characters in character set)/log(2)
Notice that length is the predominant term
@@PhilMoskowitz unless you can get administrative privileges, or the DB password. I mean even then perhaps everything is still encrypted, but I think most data is not secured properly
Great video exposing the dangers of poor, short passwords. The one issue I have with long passwords is the odds of making a mistake typing it in is very high, especially on a mobile phone keyboard. This is problematic when some sites lock your account after only a few tries.
true - unfortunately that's the price we have to pay these day for a security.
I use very long passphrases in the form of little stories, when I do change them I take a piece of paper and copy it multiple times. Then I do the same on a keyboard. I found it easier to remember than shorter randomized letter and characters passwords.
Use a password manager--preferably, one that hasn't been hacked like one that rhymes with FastLass.
The answer to that is using a password manager like KeePass.
This
I got a lot out of this video. In particular, the relative risks of short and long passwords. Great job. Thank you, Liron.
I find it irritating that some accounts require you to use special characters, while other accounts don't allow special characters.
I work in IT Security and i can't express how important this video is to everyone NOT using a longer password/password manager. That guide by Hive systems is beautiful but sadly you can't download it without a corporate email. Liron you should put a pdf downloadable link in your video description so everyone can have that image.
Thanks Kenneth! If you Google. Hive systems they jabe their yearly report and it's right there. Since I don't own it, it's probably best way to get that info.
@@LironSegev I clipped it using the snipping tool but I was hoping there would be a more professional download able pdf so I could share it with potential clients. Will go look again.
here is the link - you can download a high-res version: www.hivesystems.io/blog/are-your-passwords-in-the-green
@@LironSegev Yes but if you click on the download button, you'll see you can download the item without a corporate email. Thanks for your diligence anyway. 😁
I stumbled across this channel a while back. Must have been looking for help to do something with my computer. I subscribed immediately because the information, while technical, was also presented at a level I could use.
glad you stumbled :) Thats my aim: make tech simple so not only the geeks get it. We all use tech, so why shouldn't we all know this stuff? Appreciate you being here!
Always great value Liron. Thanks mate
Great advice, long passwords are way more secure and can be easy to remember. It's taken a while to convince some people at tbe office of this, but they are getting there. Also, i find it funny how those rainbow tables of passwords prove just how similar the vast majority of people are. Your short, 'unique' password likely isn't as unique as you think it is.
Thanks very much for your demonstration, huge eye opener for many!
Very fine, Liron. Congratulations for explains to education and conscientization on security.
Thanks for another great video!
Do you have a link for the info graphic showing the correlation between password length and time to decrypt? Would love to share that with family & friends.
Thanks Liron !! Very informative as always. I watch all of the videos and I appreciate all the hard work that goes into them. Keep up the great job !! 👍👍 ⭐️⭐️⭐️⭐️⭐️
I have a few Word files on my Windows machine that have short passwords I can remember easily and most are the same. So after the video, I need to make more complicated, unique passwords which of course are harder to remember. My solution is to use the password generator in my password manager, create a complex password, copy the password from the generator and paste into the secure notes section of the password manager. There is an entry heading suggesting the Word file name for each file password protected and the complex password is in the body of the entry. So to use it, I open the Word file and in the password field paste in the appropriate password from the secure notes section of the password manager. Once set up, it is just a paste operation. The password storage is secure. The password can be very complex and I don't have to worry about where the passwords are stored.
I despair. I'm going to buy notepads, pencils and a flock of trained homing pigeons.
We studied this thing when I was a student and we calculated how much time it would take to brute force a password, I don't remember how, but I do remember that my password would take thousands of years to crack with the tech on that year lmao
perfect - 1000 years is plenty of time to change your password midway 🤣
@@LironSegev Yes, because nothing is absolutely secure; high deterance is the practical goal. This is with any theft.
Learned much on passwords today. Thank you. :)
YOU ROCK MAN - And a digital life saver too!! Thank You Liron. I already subscribed, and gave you a thumbs up.
Appreciate you being here 🔥
Liron, what do you think about password managers like Bitwarden, Lastpass, etc?
As usual another awesome video! Thanks for all the work you put into making these videos👍!
My pleasure!
I really appreciate everything that your sharing on your CZcams channel. They are very helpful. Thank you .
You have given me a very good idea for a password which I have modified upon so for that... Thankyou
Again a big eye opener Liron so will be changing passwords to sentences that mine alone I hope. Those space passwords are clever.
yes!!! keep your stuff safe :)
All your videos are really good. Thanks very much.
Great video again 🙂 Thanks for giving people nice security advices. If I can add something , it's not creating a password with commom names or people surnames in it (eg: cat35€Michael^685) they can be found in permutation dictionnary-based attacks . And my favorite advice : I sometimes use long latin sentences . Yep , latin words are never included in dictionnaries.
100% - I am seeing more non-English words appearing in dictionaries these days, but absolutely use Latin words or any other language words that you can phonetically write in English.
I know lots of words that can be written using English letters, from another language i won't say which one though
@@LironSegev You are spot on. Even foreign words are finding their ways into rainbow tables these days.
@@klwthe3rd And why wouldn't they. It's not as if hackers only attack those accounts from English-speaking users.
I have watched a few of your vids, so I figured its about time I left a comment. I really love your videos. Not because of the content, but because of the way you present them. Even though, I rarely come across things here that I dont already know, I watch them anyway because of the way you present them. it makes it super easy to send it to my non techie friends, since I know they will be able to understand it easily.
I appreciate that!
Awesome information. Thank you! Now beginning the long task of changing ALL of my passwords..... this is going to take a while 🤔
Thats a very helpful video, but can you please tell me how did you transfer the word document from your windows to your kali?
Holy smokes man! Thanks so much for sharing your findings and putting this information up. All of your videos are excellent for learning the ins and outs of online safety and security.
Very valuable information. Thank you very much
Which password manager is the best or should just create your own? Thank you for all your great videos. I have learned a lot.
Thank you. This is definitely a "needed", and I really appreciate it.
Appreciate you being here 🔥
Hey Liron, could you do a video on expanding your battery life on smartphones please? It'll be very helpful and informative for us. Thanks.
Thanks for scaring me. My favourite method of composing a password is to take the first line of a book "Scarlett O'Hara was not beautiful, but men seldom realized" and use the first letter of each word (or the last). In this case it is sownbbmsr and then add some decoration "sownbbmsr!*!". I believe that would be resistant to a hash file. BTW the book in this case is Gone with the Wind.
Very informative video, thank you .
OMG! Just made me realize why I use song titles and we'll known phrases and sayings. Thanks again. Your a genius. 👍
Happy to help and thanks for being here!
Thank you!
What about the Credentials storage?
Great video! You showed how Google Chrome's way of saving passwords is not secure. Is that also true of Apple's iCloud Keychain?
thankyou so much for your VIDEO its so imperative..and everybody needs to KNOW
Protip:
Never check your password "strength" on a password strength testing website. Some will obviously be collecting all passwords and making a dictionary out of them.
noted
15 yr old daughter's friend cracked her iphone's password. they asked permission she said yes. now she made a better password since i told her basically the same thing. yep she didn't believe when when i showed her the power of linux but listens to friends 😑😅 great video
Thank you so much for this!!
Very interesting and informative! Thank you!
Glad it was helpful!
Thanks for this awesome video! Much appreciated. One question: What about using Latin words, Hebrew words, AND storing them in the password lock boxes, such as Mcafee, or Advast, any of the security companies instead of using Chrome, or Google. Yes, Chrome and Google are extremely handy to use, but, at what expense?
100% - I use phonetically spelt words such as Hamesh (5) or Bayit (home) - odds of people having those as part of a phrase are dramatically low
Always great info thank you.
Thank you for showing the vulnerability of storing one’s password in a browser. I have been suspect how hackers might backdoor into password keys.
Liron, several viewers have proposed using known-by-heart passages from favorite books, taking the 1st letter of each word to form the password. I use favorite lines from obscure poems in a similar way. How does this strategy score in your collection of password alternatives, please?
Thank you very much for this very useful information. 🙏🙏
Superb vid. Thanks!
I use passwords that contain characters not on the extended ASCII list, such as: ½+¼=¾ or 3²+2³=17¹ ; the ¾, ², ³, ¹ won't be on your list of millions of passwords. Sometimes those characters are not allowed so I just use a very long password with lots of special ASCII characters. That's true on phones as well.
unicode
Another fantastic video! Thanks for making our online life safer.
Happy to help!
Been using the mixed caharcter 8 letter password for some time but it certainly looks like moving to 9 or 10 characters is really worth while.
really does make a massive difference adding just one more character because of the additional permutations.
Almost seems like a waste of time having a bloody password. Great video mate but scared the crap out of me 😱
Excellent!!! Thanks for demoing.
My pleasure!
Excellent, as always!!🎉
Thank you so much 😀
I hate that browsers even ASK you to save passwords knowing that will be a honeypot for hackers to attack. Definitely worth disabling in the settings.
100%
I don't even like websites that let you save your account name/number.
Thanks for the tips. The passwords I use have all those characteristics and are long, but I didn't realize the one about the "Browser'. Should I let "Edge" keep my Passwords and Google also, when I use these passwords?
I would use a Password Manager and not the browser
Thank you for your time, sharing this critical information with us !!
My pleasure!
Thank you Liron, this is great
You're very welcome
Very helpful!
Amazing Video Liron, perhaps you can do a tutorial about Wi-Fi Router hacking and the best way of protecting a Router with a BETTER password, maybe using Kali Linux , please Liron, consider this buddy.
good idea
thank you so much for knowledge
Thank you men 😊
Wow..awesome video..thanks...this will be going out to my contacts
Appreciate you being here and of course sharing!
Appreciate the tips!
Happy to help!
So, so true, especially of BikTek troll-hackers of their own customers.
THANK you very much really eye opening!!! i will change all my passwords. Namaste from Holland
You're so welcome!
Super Great video Man , thanks
SpongeBob Narrator Guy: One eternity later
Liron Segev: Alright so it's been 12 hours...
Very nice info, thanks. 👍👍👍
My pleasure
Gracias! I began 17 character passwords approximately 2 years ago for that reason.
What are you using? A PC, how many cores, a video card? Remember hackers kinda made up the leet speek (replacing 3, with E) so they know to look for that. As well you are also using a found password lost file, so if the password is not in there it won't find it. Not really all of the info there to really show what you are doing.
100 people think they are clever now by changing their passwords to "I subscribed to this channel!! lol
🤣
The problem with such a long password is you forget what it is and have to go through the process of coming up with another one. I have had the correct password rejected on some accounts and had to come up with a new one.
You are the best. Very useful
Happy to help
Well, woah ! Thanks for the tips 👍👍
You bet!
Is it okay to copy & paste mega super long passwords from a list you keep in an encrypted excel spreadsheet? That way, i only need to memorize the mega super long password of the excel file.
So here I am, with 50 accounts with mostly different passwords. The whole account process is driving me crazy.
I let my password manager to generate one with 100 characters, then i copy and paste when needed, just seconds and give me more security. Only ones I cannot allow that are Google and Microsoft, because when setting a new phone or PC could be crazy to write the complete password 😅
Not that this matters but a hash is only going to store so many possibilities, such that many shorter passwords will hash to the same as a 100 character long one.
Aren't most portals limiting the number of failed login attempts? I thought it is like 3 or 5 attempts and your account is locked. So how can then these random tries break my password? Am I missing something?
what type of application are you using sir
My understanding was that the hackers didn’t actually have access to the password itself to work on like in this simple test, so aren’t they limited to a few tries and then locked out like the rest of us?
Very interesting adding even one more to your pass can have that much effect.
They are when they trie a online Atack but u can extract the Hash witch is the encryptet Password. They take the Hash copy it to a local achine and then u dont have to worry about this Systems and when u cracked the Password just log with that in.
Good evidence that we should all use two factor authorization whenever possible. Its inconvenient but well worth the extra minute of time.
100%
BTW our "learning institutions should have teachers like you, then everyone would learn a lot!!!
NIST recommends long passwords and forget complexity. All complexity does, is make it very hard to type (and remember). I like Canterbury tales for phrases, including blanks when possible:
"A clerk had litherly biset his whyle"
You'd have to have my book to even start to guess and sometimes even spelling varies from edition to edition.
I always use at least 10 characters, usually 12+, mixed case, numeric and special characters. And based on personal experiences or personal trivia.
Yup, I NEVER let browsers save my passwords. I even don't like the idea of password managers (i.e. KeePass), putting all your eggs in one basket to me. I don't like storing passwords digitally anywhere, I prefer cryptic analog.
Shares the app flatform u click at ur up bar of ur screen??????
I use pwr generator and I try not to save my passwords in a browser, but I still do not trust if they aren't saved somewhere in cookies or the browser even though I always click NO to save my password. Please make a video where you explain how to check if these passwords aren't saved somewhere and how to turn off this function or completely get rid of it.
what about simple pswd's, but 2 passes thru the encryption algo?
please sir, do you have a group for learning all this things sir??
I like having four random words and some random numbers in my password (1 English, 1 Italian, 1 French, 1 greeklish and some numbers sprinkled between them). I have some books i turn them in the same page and i pick 4 words in a way that i will remember them.
jokes on you my password is the first trillion digits of pi.
Thanks Liron
You got it
I knew from past experience that password protection in zip was very easily cracked (with the right utility) but have not tried other file types.
So isn't the solution 2-factor authentication. I always use a minimum of 12 characters, including, numbers, upper case, lower case, and special characters, plus 2 factors authentication on my phone. How can that be cracked?
2fa is a must but remember that even 2FA is not foolproof. There are ways to get around that too but 2FA makes it much harder for the average hackers/ scammer.
@@LironSegev Cheers mate, love, your work.
For max security use a 2nd phone 2FA with a phone number only you know and not in your own name. Avoid Google authenticator. Use another email you don't normally use and of course not one of the free ones. 2FAS has an additional password layer and you can back up the token file unlike with google auth. Increase the length to 23+ chars.
Excellent .
Many thanks!
hey i do keep all my passowords on chrome with an encrypted 22 letter with letters and numbers passphrase, all the passwords are google generated so 12 characters + numbers and special characters. am i safe? (ofc i do have 2FA on literally everything)
Awesome 👍
Never use a Word or only Numbers, Only. Mix all items up, Numbers, upper lower case, Special characters, ETC! This is great as I used 20 Digits, for my Legal stuff, Like a Bank!
What is that Kali Linux? Is that a free software that I can install in my Windows 10 laptop?
It is high time a new secure way to protect our computer. How about unplugging the input cable after use.