Does Changing Alphanumeric Passwords Frequently Deter Random Hacking Attempts?

  • Thread starter Thread starter Loren Booda
  • Start date Start date
  • Tags Tags
    Hacking
AI Thread Summary
Changing alphanumeric passwords frequently can help deter hacking attempts, particularly if a hacker has previously cracked a password and shares it. While brute force attacks on randomly generated passwords remain time-consuming, frequent changes force hackers to restart their efforts. However, if users develop predictable patterns in their passwords, this can make it easier for hackers to crack them over time. Using a respected random number generator for password creation is advised to enhance security. Overall, regularly updating passwords and avoiding predictable patterns can increase protection against hacking.
Loren Booda
Messages
3,108
Reaction score
4
I have been told to change alphanumeric passwords every so often to avoid someone hacking into a website. Suppose hacking occurs only by trying randomly sequences of numbers and letters to break into the site. Would my changing passwords have any effect, on average, of the site being hacked sooner or later?
 
Mathematics news on Phys.org
Assuming you picked a random sequence and the hacker just kept trying combinations no. whether he's attacking yesterday's pw or today's he has the same problem.

But suppose some hacker a month ago succeeded in cracking your password. And he passed it around to his friends, and they passed it to their friends, and by now every hacker in the freeping world knows it. So change it frequently if you care about being hacked.
 
You have to remember that websites have certain limitations. For instance, a hacker could write a program to randomly guess the password until getting it correct, but the server is likely to have a limit on how frequently the bot can guess it. If the server gets 1 million requests for the script every second, the alarm bell has rung and the admin will shut off access to the site, assuming that many requests doesn't overload the site outright. If we assume that the password only includes case sensitive letters and numbers, with let's say, a maximum of 8 characters, you've still got a countless amount of possible combinations. So unless, the hacker has a million or so years to spare, he/she isn't getting in.

This issue has come up before, because there was such a program developed to hack UBB boards. UBB was at one time the most popular bulletin board software out there, and most sites with big forums had one installed. In one version, the bonehead programmers decided to do away with the case sensitive passwords. In other words, the password letmein and LeTmEiN are the same. Since 99% of users use simple words as their passwords, this gave some access to virtually any UBB on the net.
 
As has been said already, a hacker employing a "brute force" attack, where they simply try every single permutation of the same length as your password, they are no more likely to break todays password as next months password.

However let's assume the hacker somehow succeeded in breaking your password last month. Then when you change your password this month, they must go through the process all over again, and the hacking process will take just as long... Or will it? Suppose that the hacker has broken your password a few times in the past, the hard way. Usually they don't succeed, but sometimes they do. An intelligent hacker will look at all these passwords and look for patterns. Now most of us will more than likely end up producing patterns in our passwords, especially if we have to produce one once or twice a week, or maybe more often in some jobs? These patterns won't be blindingly obvious, perhaps you have a slight tendency to use characters from the right side of the keyboard slightly more than characters from the left side, maybe 49.9% of characters come from the left side and 51.1% come from the right side. This information will slowly leak out of your passwords, and the more of your previous passwords the hacker has the more information they will likely obtain.

This information could be used to search a particular region of the permutation search space first, then simply searching the remaining space at random if the original search fails. This search will probably not hasten the cracking of your passwords by huge amounts, but it does none the less increase the probability that a hacker will crack your password within the time frame you use that password.

The above is really simple stuff, and in reality i have no idea whether it will be in any way practical, I've never tried it. But it does show how an intelligent hacker could theoretically start cracking your passwords, and that an intelligent hacker won't simply use a random search. It also goes to show that you should probably use some form of respected random number generator to produce a password, one that is respected among cryptographers wouold be a good choice.
 
I wonder if, at this moment, hackers are getting new ideas from this.
 
Please don't resurrect ancient threads.

- Warren
 
Thread 'Video on imaginary numbers and some queries'

Thread 'Video on imaginary numbers and some queries'

Hi, I was watching the following video. I found some points confusing. Could you please help me to understand the gaps? Thanks, in advance! Question 1: Around 4:22, the video says the following. So for those mathematicians, negative numbers didn't exist. You could subtract, that is find the difference between two positive quantities, but you couldn't have a negative answer or negative coefficients. Mathematicians were so averse to negative numbers that there was no single quadratic...
View full post »

Thread 'What Exactly is Dirac’s Delta Function? - Insight'

Insights auto threads is broken atm, so I'm manually creating these for new Insight articles. In Dirac’s Principles of Quantum Mechanics published in 1930 he introduced a “convenient notation” he referred to as a “delta function” which he treated as a continuum analog to the discrete Kronecker delta. The Kronecker delta is simply the indexed components of the identity operator in matrix algebra Source: https://www.physicsforums.com/insights/what-exactly-is-diracs-delta-function/ by...
View full post »
Thread 'Unit Circle Double Angle Derivations'

Thread 'Unit Circle Double Angle Derivations'

Here I made a terrible mistake of assuming this to be an equilateral triangle and set 2sinx=1 => x=pi/6. Although this did derive the double angle formulas it also led into a terrible mess trying to find all the combinations of sides. I must have been tired and just assumed 6x=180 and 2sinx=1. By that time, I was so mindset that I nearly scolded a person for even saying 90-x. I wonder if this is a case of biased observation that seeks to dis credit me like Jesus of Nazareth since in reality...
View full post »

Similar threads

Online password requirements have gotten ridiculous
Replies
46
Views
8K
PHP Limiting Output from Unmaintainable PHP Code
Replies
7
Views
2K
Dam Failures and Infrastructure Damage in a Changing Environment
Replies
8
Views
4K
Why does biology deal with why questions?
Replies
1
Views
2K
Planning on studying math for the college entrance exam, help needed
Replies
4
Views
3K
A Probability via Expectation and Callen's criterion
Replies
14
Views
3K
Lightbulb Jokes - How Many Does it Take?
Replies
2
Views
4K
Engineering Change of major as a junior: Physics or Aerospace Engineering?
Replies
4
Views
2K
Can Evolved State: Dichotomy Capture Your Imagination?
Replies
1
Views
4K
The Mojave Phone Booth Phenomenon
Replies
10
Views
5K

Hot Threads

Recent Insights

Back
Top