The Washington Post has an interesting story about how the Secret Service is using 4,000 of their computers in a Distributed network attack. The attack is to break passwords on encryption keys. We all know that getting software to encrypt our computers is simple and the software is powerful. Breaking into the encryption itself is not simple but the Secret Service has found that the real Achilles Heel of a suspect’s encrypted computer is their passwords. The Secret Service has found that by using all the emails and plain text documents they find on the suspect’s computers, they can create a brute force word list that will normally find the password for the encryption in no time at all. Lesson learned? Create strong passwords unrelated to anything on your computer. Here is more from the article…
Hansen said AccessData has learned through feedback with its customers in law enforcement that between 40 and 50 percent of the time investigators can crack an encryption key by creating word lists from content at sites listed in the suspect’s Internet browser log or Web site bookmarks. “Most of the time this happens the password is some quirky word related to the suspect’s area of interests or hobbies,” Hansen said.
Interesting