Mailbox account password security protection method

Source: Internet
Author: User
Tags alphanumeric characters password protection

For Internet users, account and password theft is the biggest headache. In normal operations, account and password security problems are the most easily overlooked, I always thought that I would not be so unlucky, so I had to regret it when I was stolen.
(1) How are accounts and passwords stolen?
Pay attention to the security of accounts and passwords. First, you need to know how the accounts and passwords are stolen so that you can know yourself and know what is happening. Currently, hackers steal accounts and passwords in three ways:
1. The original password stealing technology is brute-force cracking, also known as brute-force password cracking. If the hacker knows the account number in advance, such as the online bank account, and your password is very simple, such as using a simple combination of numbers, hackers can use brute-force cracking tools to quickly release their passwords.
2. After most users realize that simple passwords are in the face of hackers, people begin to make the password settings as complex as possible, which makes brute force cracking tools unfeasible. At this time, hackers began to write articles on the trojan virus. They designed the hook program in the Trojan program. Once the user's computer is infected with this special virus, the system was planted with a "Hook ", the hacker uses the hook program to listen to and record the user's key-hitting actions, and then sends the recorded password to the hacker's designated mailbox through its email sending module.
3. Soft Keyboard Input makes the Trojan horse using the key logging technology useless. At this time, hackers are still unwilling to crack the soft keyboard input through the screen snapshot method. The virus author has taken into account the password protection technology such as soft keyboard input. After the virus is running, the user's login interface will be continuously saved as two black and white images through the screen snapshot, then, send the email to the specified email recipient through the built-in mail module. Hackers may crack the user's login account and password by comparing the mouse clicks in the image, thus breaking through the soft keyboard password protection technology and seriously threatening the security of online transactions of investors.
(2) account and password security issues
1. Security password settings:
(1) The characters in the password should come from at least three of the five groups in the "character category" below. 1. lowercase letters a, B, c... 2. uppercase letters A, B, C... 3. numbers 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 4, non-alphanumeric characters (symbols )~ '! @ # $ % ^ & * () <>? /_-| 5. Unicode characters ?? ,? And λ
(2) Considerations for password setting:
1. Set a long password whenever possible. Please try to set a long password that is easy to remember. You can use the complete phrase instead of a single word or number as your password, because the longer the password, the less likely it is to be cracked.
2. Try to insert symbols into words. Although attackers are good at searching words in passwords, please do not discard words when setting passwords. However, you need to insert a symbol in your word or change it to a homophone. For example, "just for you" can be improved to "just4y_o_u ".
3. Do not show your account in your password.
4. Do not use your personal information as the password content. Such as birthday, ID card number, name of a person or partner, Dormitory number, etc.
(3) some useful tips for entering a password:
1. When entering the password, we recommend that you copy and paste the password to prevent the trojan program from being tracked;
2. Enter the password in disorder. For example, if your password is gsgas56, you should first press gfgs56, then move the mouse to 3rd bits and enter s to become gfsgs56. Then, enter a in the last 4th bits to become gfsgas56, then, remove the 2nd-bit f. In this way, you can enter gfgs56sa on the keyboard to effectively prevent attacks.
3. Enter the password on the keyboard. A soft keyboard is also called a virtual keyboard. When a user enters a password, the soft keyboard is opened first, and then the corresponding letter is selected with the mouse, so that the trojan record is avoided.
(4) technical defense:
· 1. Please promptly upgrade your browser and operating system, and download and install corresponding patches in a timely manner;
· 2. Install genuine anti-virus software and firewall. In particular, install "anti-trojan software ". Nowadays, many users only install anti-virus software. They do not have enough awareness of Trojan horse prevention and want to be noticed. The Trojan is terrible;
· 3. update anti-virus software, firewalls, and anti-trojan software in a timely manner, and check and kill them on a regular basis;
· 4. Do not browse unknown web pages, do not use unknown software, or disclose personal, organization, and account information when chatting.
(5) develop good habits:
1. Update the password of your account at intervals. Please update your password at intervals so that your new password complies with the above principles. At the same time, the new password should not contain the content of the old password and should not be similar to the old one.
2. If you are using a computer to access the Internet in a public place, you must clear the records you have used when you leave the website:
Select Tools> internet Options> General> Clear history> temporary files;
Alternatively, choose tools> internet Options> content> Automatic completion> clear form> clear password form.
3. Do not save the password or log on automatically when logging on to your account.
4. Delete the ". pwl" file. ". The pwl file is generally stored in windows. It records all user passwords in encrypted form, and some hackers decrypt it. pwl "file to get the password, delete". the pwl file can be used once and for all.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.