Essays24.com - Term Papers and Free Essays
Search

Password Hacking

Essay by   •  April 9, 2011  •  375 Words (2 Pages)  •  1,472 Views

Essay Preview: Password Hacking

Report this essay
Page 1 of 2

Stealing (phishing) passwords to web-based email accounts is simple

Hacking into somebody's web-based email account may be easier than you think, frightening trivial in fact. Here's how and why.

What to get from where-

If we want to obtain something we need at least a vague idea of what that is and where we can get it.

Let's assume that we want to gain access to a system protected with a password. One way, an elegant way, to get into the system is to obtain the password. So the password is what we want.

Now we need to find out where to get the password from. Let's also assume that the person who issued the password, the password holder is able to reproduce it if necessary.

How to get it

Under which circumstances will she be willing, eager even to give away that precious phrase?

Right.

Whenever the password is needed to access the protected system she will issue it without suspicion and actually believing she is doing something right. Of course she will have a more or less precise idea of the environment where it is not only required but also "safe" to enter the password.

Our goal thus is to emulate this environment as exactly as possible.

How it Works

When a Hotmail session has been idle for some time, for example, the user is automatically logged out and upon a request to access her account has to re-login.

If this re-login screen is emulated in an email, what is intended to be a security feature turns into a security risk. You type in the password to log into Hotmail again, but the password is silently sent to the

...

...

Download as:   txt (2.1 Kb)   pdf (50.7 Kb)   docx (9.3 Kb)  
Continue for 1 more page »
Only available on Essays24.com