Hackers EASILY see your password!
Ғылым және технология
You aren't going to believe how quickly your password can be cracked - watch this now!
If you think your password is secure - think again!
How Hackers can EASILY steal your password!
SUBSCRIBED YET?
kzread.info...
#TheTechieGuy
Need to get faster wifi and faster internet? Is your gaming lagging and your zoom buffering? What is a Mesh WiFi and WiFi 6?
I show you all you need to know about faster and better connectivity with the best router settings, wifi optimization, wifi tips and internet bandwidth performance tricks and even boosting speed apps.
My name is Liron Segev, aka TheTechieGuy, and I make tech simple for everyone to understand - I answer your technology questions making so you are more productive more efficient, and getting more out of your phones, gadgets, and apps
Liron Segev aka TheTechieGuy
TheTechieGuy.com
FYI: As an Amazon Associate I earn from qualifying purchases
Пікірлер: 409
Please be careful with words. Longer passwords don’t take “5 years” or “400 years”. They take UP TO that time. They can also be cracked in 5 seconds with luck. And that’s where some hacking/cracking really gets a lot of its success: luck. It’s weighted luck in that skill is involved to improve the odds, but still, luck is a factor.
@LironSegev
Жыл бұрын
its all about the odds and probabilities. The odds of your Upper Case, Lower Case, Special Character 9 character word or phrase being in the wordlist becomes smaller and smaller the more complicated it is. If you are that unlucky to pick a phrase that is in the wordlist, it can be seconds. But the probability of that is tiny.
@PhilMoskowitz
Жыл бұрын
And we're really talking about user passwords in a database. Even if it's a few seconds for each password, that's multiplied by millions of accounts.
@paradhoax
Жыл бұрын
@@LironSegev HI Mr Segev, Do you have any solution to unlock the bios password for Dell latest computers like 7400 etc...?! Ps : a software solution not removing the bios and flash it, I know this one. Thanks.
@jumbles1957
Жыл бұрын
Password entropy is Length * log (# of characters in character set)/log(2) Notice that length is the predominant term
@buggaboo2707
Жыл бұрын
@@PhilMoskowitz unless you can get administrative privileges, or the DB password. I mean even then perhaps everything is still encrypted, but I think most data is not secured properly
Great video exposing the dangers of poor, short passwords. The one issue I have with long passwords is the odds of making a mistake typing it in is very high, especially on a mobile phone keyboard. This is problematic when some sites lock your account after only a few tries.
@LironSegev
Жыл бұрын
true - unfortunately that's the price we have to pay these day for a security.
@LaurentiusTriarius
Жыл бұрын
I use very long passphrases in the form of little stories, when I do change them I take a piece of paper and copy it multiple times. Then I do the same on a keyboard. I found it easier to remember than shorter randomized letter and characters passwords.
@dragoniv
Жыл бұрын
Use a password manager--preferably, one that hasn't been hacked like one that rhymes with FastLass.
@klwthe3rd
Жыл бұрын
The answer to that is using a password manager like KeePass.
@roelsvideosandstuffs1513
Жыл бұрын
This
I got a lot out of this video. In particular, the relative risks of short and long passwords. Great job. Thank you, Liron.
I work in IT Security and i can't express how important this video is to everyone NOT using a longer password/password manager. That guide by Hive systems is beautiful but sadly you can't download it without a corporate email. Liron you should put a pdf downloadable link in your video description so everyone can have that image.
@LironSegev
Жыл бұрын
Thanks Kenneth! If you Google. Hive systems they jabe their yearly report and it's right there. Since I don't own it, it's probably best way to get that info.
@klwthe3rd
Жыл бұрын
@@LironSegev I clipped it using the snipping tool but I was hoping there would be a more professional download able pdf so I could share it with potential clients. Will go look again.
@LironSegev
Жыл бұрын
here is the link - you can download a high-res version: www.hivesystems.io/blog/are-your-passwords-in-the-green
@klwthe3rd
Жыл бұрын
@@LironSegev Yes but if you click on the download button, you'll see you can download the item without a corporate email. Thanks for your diligence anyway. 😁
I stumbled across this channel a while back. Must have been looking for help to do something with my computer. I subscribed immediately because the information, while technical, was also presented at a level I could use.
@LironSegev
Жыл бұрын
glad you stumbled :) Thats my aim: make tech simple so not only the geeks get it. We all use tech, so why shouldn't we all know this stuff? Appreciate you being here!
I find it irritating that some accounts require you to use special characters, while other accounts don't allow special characters.
As usual another awesome video! Thanks for all the work you put into making these videos👍!
@LironSegev
Жыл бұрын
My pleasure!
YOU ROCK MAN - And a digital life saver too!! Thank You Liron. I already subscribed, and gave you a thumbs up.
@LironSegev
Жыл бұрын
Appreciate you being here 🔥
Always great value Liron. Thanks mate
We studied this thing when I was a student and we calculated how much time it would take to brute force a password, I don't remember how, but I do remember that my password would take thousands of years to crack with the tech on that year lmao
@LironSegev
Жыл бұрын
perfect - 1000 years is plenty of time to change your password midway 🤣
@louf7178
Жыл бұрын
@@LironSegev Yes, because nothing is absolutely secure; high deterance is the practical goal. This is with any theft.
Great advice, long passwords are way more secure and can be easy to remember. It's taken a while to convince some people at tbe office of this, but they are getting there. Also, i find it funny how those rainbow tables of passwords prove just how similar the vast majority of people are. Your short, 'unique' password likely isn't as unique as you think it is.
I have a few Word files on my Windows machine that have short passwords I can remember easily and most are the same. So after the video, I need to make more complicated, unique passwords which of course are harder to remember. My solution is to use the password generator in my password manager, create a complex password, copy the password from the generator and paste into the secure notes section of the password manager. There is an entry heading suggesting the Word file name for each file password protected and the complex password is in the body of the entry. So to use it, I open the Word file and in the password field paste in the appropriate password from the secure notes section of the password manager. Once set up, it is just a paste operation. The password storage is secure. The password can be very complex and I don't have to worry about where the passwords are stored.
Thanks very much for your demonstration, huge eye opener for many!
Thanks Liron !! Very informative as always. I watch all of the videos and I appreciate all the hard work that goes into them. Keep up the great job !! 👍👍 ⭐️⭐️⭐️⭐️⭐️
Thanks for another great video! Do you have a link for the info graphic showing the correlation between password length and time to decrypt? Would love to share that with family & friends.
Again a big eye opener Liron so will be changing passwords to sentences that mine alone I hope. Those space passwords are clever.
@LironSegev
Жыл бұрын
yes!!! keep your stuff safe :)
Very fine, Liron. Congratulations for explains to education and conscientization on security.
Thank you. This is definitely a "needed", and I really appreciate it.
@LironSegev
Жыл бұрын
Appreciate you being here 🔥
I have watched a few of your vids, so I figured its about time I left a comment. I really love your videos. Not because of the content, but because of the way you present them. Even though, I rarely come across things here that I dont already know, I watch them anyway because of the way you present them. it makes it super easy to send it to my non techie friends, since I know they will be able to understand it easily.
@LironSegev
Жыл бұрын
I appreciate that!
Learned much on passwords today. Thank you. :)
All your videos are really good. Thanks very much.
Thanks for scaring me. My favourite method of composing a password is to take the first line of a book "Scarlett O'Hara was not beautiful, but men seldom realized" and use the first letter of each word (or the last). In this case it is sownbbmsr and then add some decoration "sownbbmsr!*!". I believe that would be resistant to a hash file. BTW the book in this case is Gone with the Wind.
Protip: Never check your password "strength" on a password strength testing website. Some will obviously be collecting all passwords and making a dictionary out of them.
@axolotique
Жыл бұрын
noted
Which password manager is the best or should just create your own? Thank you for all your great videos. I have learned a lot.
Very informative video, thank you .
OMG! Just made me realize why I use song titles and we'll known phrases and sayings. Thanks again. Your a genius. 👍
@LironSegev
Жыл бұрын
Happy to help and thanks for being here!
I really appreciate everything that your sharing on your KZread channel. They are very helpful. Thank you .
Hey Liron, could you do a video on expanding your battery life on smartphones please? It'll be very helpful and informative for us. Thanks.
Liron, what do you think about password managers like Bitwarden, Lastpass, etc?
Great video again 🙂 Thanks for giving people nice security advices. If I can add something , it's not creating a password with commom names or people surnames in it (eg: cat35€Michael^685) they can be found in permutation dictionnary-based attacks . And my favorite advice : I sometimes use long latin sentences . Yep , latin words are never included in dictionnaries.
@LironSegev
Жыл бұрын
100% - I am seeing more non-English words appearing in dictionaries these days, but absolutely use Latin words or any other language words that you can phonetically write in English.
@Hugh248
Жыл бұрын
I know lots of words that can be written using English letters, from another language i won't say which one though
@klwthe3rd
Жыл бұрын
@@LironSegev You are spot on. Even foreign words are finding their ways into rainbow tables these days.
@spocksvulcanbrain
Жыл бұрын
@@klwthe3rd And why wouldn't they. It's not as if hackers only attack those accounts from English-speaking users.
You have given me a very good idea for a password which I have modified upon so for that... Thankyou
I despair. I'm going to buy notepads, pencils and a flock of trained homing pigeons.
Very interesting and informative! Thank you!
@LironSegev
Жыл бұрын
Glad it was helpful!
Very valuable information. Thank you very much
Thats a very helpful video, but can you please tell me how did you transfer the word document from your windows to your kali?
I hate that browsers even ASK you to save passwords knowing that will be a honeypot for hackers to attack. Definitely worth disabling in the settings.
@LironSegev
Жыл бұрын
100%
@KWHCoaster
Жыл бұрын
I don't even like websites that let you save your account name/number.
Awesome information. Thank you! Now beginning the long task of changing ALL of my passwords..... this is going to take a while 🤔
Another fantastic video! Thanks for making our online life safer.
@LironSegev
Жыл бұрын
Happy to help!
Been using the mixed caharcter 8 letter password for some time but it certainly looks like moving to 9 or 10 characters is really worth while.
@LironSegev
Жыл бұрын
really does make a massive difference adding just one more character because of the additional permutations.
Thank you! What about the Credentials storage?
Holy smokes man! Thanks so much for sharing your findings and putting this information up. All of your videos are excellent for learning the ins and outs of online safety and security.
I use passwords that contain characters not on the extended ASCII list, such as: ½+¼=¾ or 3²+2³=17¹ ; the ¾, ², ³, ¹ won't be on your list of millions of passwords. Sometimes those characters are not allowed so I just use a very long password with lots of special ASCII characters. That's true on phones as well.
@buggaboo2707
Жыл бұрын
unicode
Thank you Liron, this is great
@LironSegev
Жыл бұрын
You're very welcome
Thank you for showing the vulnerability of storing one’s password in a browser. I have been suspect how hackers might backdoor into password keys.
Thank you very much for this very useful information. 🙏🙏
Appreciate the tips!
@LironSegev
Жыл бұрын
Happy to help!
Thank you for your time, sharing this critical information with us !!
@LironSegev
Жыл бұрын
My pleasure!
Thanks for this awesome video! Much appreciated. One question: What about using Latin words, Hebrew words, AND storing them in the password lock boxes, such as Mcafee, or Advast, any of the security companies instead of using Chrome, or Google. Yes, Chrome and Google are extremely handy to use, but, at what expense?
@LironSegev
Жыл бұрын
100% - I use phonetically spelt words such as Hamesh (5) or Bayit (home) - odds of people having those as part of a phrase are dramatically low
Great video! You showed how Google Chrome's way of saving passwords is not secure. Is that also true of Apple's iCloud Keychain?
Thank you so much for this!!
Superb vid. Thanks!
Always great info thank you.
15 yr old daughter's friend cracked her iphone's password. they asked permission she said yes. now she made a better password since i told her basically the same thing. yep she didn't believe when when i showed her the power of linux but listens to friends 😑😅 great video
thankyou so much for your VIDEO its so imperative..and everybody needs to KNOW
Amazing Video Liron, perhaps you can do a tutorial about Wi-Fi Router hacking and the best way of protecting a Router with a BETTER password, maybe using Kali Linux , please Liron, consider this buddy.
@LironSegev
Жыл бұрын
good idea
Excellent!!! Thanks for demoing.
@LironSegev
Жыл бұрын
My pleasure!
Almost seems like a waste of time having a bloody password. Great video mate but scared the crap out of me 😱
Excellent, as always!!🎉
@LironSegev
Жыл бұрын
Thank you so much 😀
So here I am, with 50 accounts with mostly different passwords. The whole account process is driving me crazy.
Very helpful!
Wow..awesome video..thanks...this will be going out to my contacts
@LironSegev
Жыл бұрын
Appreciate you being here and of course sharing!
Liron, several viewers have proposed using known-by-heart passages from favorite books, taking the 1st letter of each word to form the password. I use favorite lines from obscure poems in a similar way. How does this strategy score in your collection of password alternatives, please?
Thanks for the tips. The passwords I use have all those characteristics and are long, but I didn't realize the one about the "Browser'. Should I let "Edge" keep my Passwords and Google also, when I use these passwords?
@LironSegev
Жыл бұрын
I would use a Password Manager and not the browser
SpongeBob Narrator Guy: One eternity later Liron Segev: Alright so it's been 12 hours...
Very nice info, thanks. 👍👍👍
@LironSegev
Жыл бұрын
My pleasure
Thank you men 😊
Well, woah ! Thanks for the tips 👍👍
@LironSegev
Жыл бұрын
You bet!
You are the best. Very useful
@LironSegev
Жыл бұрын
Happy to help
The problem with such a long password is you forget what it is and have to go through the process of coming up with another one. I have had the correct password rejected on some accounts and had to come up with a new one.
My understanding was that the hackers didn’t actually have access to the password itself to work on like in this simple test, so aren’t they limited to a few tries and then locked out like the rest of us? Very interesting adding even one more to your pass can have that much effect.
@benidraco
Жыл бұрын
They are when they trie a online Atack but u can extract the Hash witch is the encryptet Password. They take the Hash copy it to a local achine and then u dont have to worry about this Systems and when u cracked the Password just log with that in.
thank you so much for knowledge
THANK you very much really eye opening!!! i will change all my passwords. Namaste from Holland
@LironSegev
Жыл бұрын
You're so welcome!
Super Great video Man , thanks
100 people think they are clever now by changing their passwords to "I subscribed to this channel!! lol
@LironSegev
Жыл бұрын
🤣
So, so true, especially of BikTek troll-hackers of their own customers.
Good evidence that we should all use two factor authorization whenever possible. Its inconvenient but well worth the extra minute of time.
@LironSegev
Жыл бұрын
100%
Gracias! I began 17 character passwords approximately 2 years ago for that reason.
BTW our "learning institutions should have teachers like you, then everyone would learn a lot!!!
Great Vid man
@LironSegev
Жыл бұрын
Appreciate you being here 🔥
I let my password manager to generate one with 100 characters, then i copy and paste when needed, just seconds and give me more security. Only ones I cannot allow that are Google and Microsoft, because when setting a new phone or PC could be crazy to write the complete password 😅
@Ken.-
Жыл бұрын
Not that this matters but a hash is only going to store so many possibilities, such that many shorter passwords will hash to the same as a 100 character long one.
I like having four random words and some random numbers in my password (1 English, 1 Italian, 1 French, 1 greeklish and some numbers sprinkled between them). I have some books i turn them in the same page and i pick 4 words in a way that i will remember them.
Thanks Liron
@LironSegev
Жыл бұрын
You got it
jokes on you my password is the first trillion digits of pi.
NIST recommends long passwords and forget complexity. All complexity does, is make it very hard to type (and remember). I like Canterbury tales for phrases, including blanks when possible: "A clerk had litherly biset his whyle" You'd have to have my book to even start to guess and sometimes even spelling varies from edition to edition.
what type of application are you using sir
Is it okay to copy & paste mega super long passwords from a list you keep in an encrypted excel spreadsheet? That way, i only need to memorize the mega super long password of the excel file.
I always use at least 10 characters, usually 12+, mixed case, numeric and special characters. And based on personal experiences or personal trivia. Yup, I NEVER let browsers save my passwords. I even don't like the idea of password managers (i.e. KeePass), putting all your eggs in one basket to me. I don't like storing passwords digitally anywhere, I prefer cryptic analog.
Excellent .
@LironSegev
Жыл бұрын
Many thanks!
What are you using? A PC, how many cores, a video card? Remember hackers kinda made up the leet speek (replacing 3, with E) so they know to look for that. As well you are also using a found password lost file, so if the password is not in there it won't find it. Not really all of the info there to really show what you are doing.
This is a type of brute force attack called a dictionary attack. You can also brute force without a pre-existing list of words by randomly generating strings as you try.
@LironSegev
Жыл бұрын
100%. I think of it as Brute force is the general type of attack, Dictionary is the method.
Great video
@LironSegev
Жыл бұрын
Thanks for hanging out here 👍
So isn't the solution 2-factor authentication. I always use a minimum of 12 characters, including, numbers, upper case, lower case, and special characters, plus 2 factors authentication on my phone. How can that be cracked?
@LironSegev
Жыл бұрын
2fa is a must but remember that even 2FA is not foolproof. There are ways to get around that too but 2FA makes it much harder for the average hackers/ scammer.
@JimboJones-qn4wd
Жыл бұрын
@@LironSegev Cheers mate, love, your work.
@chrisguli2865
Жыл бұрын
For max security use a 2nd phone 2FA with a phone number only you know and not in your own name. Avoid Google authenticator. Use another email you don't normally use and of course not one of the free ones. 2FAS has an additional password layer and you can back up the token file unlike with google auth. Increase the length to 23+ chars.
It's really the uniqueness rather than the number of characters when you're dealing with hashes.
@LironSegev
Жыл бұрын
true - by definitiion, the more number of characters you add to the mix the more uniqueness you introduce. Its a probability game IF the word is in the list in the first place of course
Good one
Aren't most portals limiting the number of failed login attempts? I thought it is like 3 or 5 attempts and your account is locked. So how can then these random tries break my password? Am I missing something?
what about simple pswd's, but 2 passes thru the encryption algo?
I use pwr generator and I try not to save my passwords in a browser, but I still do not trust if they aren't saved somewhere in cookies or the browser even though I always click NO to save my password. Please make a video where you explain how to check if these passwords aren't saved somewhere and how to turn off this function or completely get rid of it.
I knew from past experience that password protection in zip was very easily cracked (with the right utility) but have not tried other file types.
subscribed immediately
@LironSegev
Жыл бұрын
Appreciate you being here 🔥
Awesome 👍