Thursday, August 11, 2022
  • Convergence and adoption of AI and ML countering the cyber threat
  • Twilio Breach: Three Steps to Protect Your Company
  • Is Your AppSec Program Developer-Centric?
  • Traditional Security Won’t Cut It for Secure Cloud-Native Applications: Here’s Why
  • Building a modern API security strategy — API components

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Events
    • Upcoming Events
    • Upcoming Webinars
    • On-Demand Events
    • On-Demand Webinars
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • Techstrong Group
    • Container Journal
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
    • Digital Anarchist
  • Media Kit
  • About Us

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Identity & Access Security Bloggers Network 

Home » Cybersecurity » Identity & Access » How Deep Learning Is Making Computers Better at Guessing Your Passwords

SBN

How Deep Learning Is Making Computers Better at Guessing Your Passwords

by Tripwire Guest Authors on June 17, 2018

Recently, researchers from The New York Institute of Technology and the Stevens Institute of Technology computer science department released a paper about using a relatively new machine learning technique to make computers 18-24 percent better at guessing your passwords than ever before. In this article, we’ll covert:

  • The historical context in which this technology lives
  • What this technology could be used for by criminals
  • How this technology works
  • How to use it if you’re a red-teamer
  • How to protect yourself as a user
  • How to protect yourself as a blue-teamer in charge of an enterprise

First, let’s talk about what we mean when we talk about “guessing passwords,” as that’s a fairly nebulous term. In this case, we’re talking about cracking password hashes offline. That may leave you asking “What are password hashes?” A fair question.

What are Password Hashes?

When you see large data breaches like Dropbox, LinkedIn, Ashley Madison, etc., what was released was a list of (typically) emails and password hashes. The point of a hash in a security context is that its input cannot be determined by its output.

For example, say I give you “5f4dcc3b5aa765d61d8327deb882cf99.” That’s the md5 hash of “password.” You cannot determine that 5f4dcc3b5aa765d61d8327deb882cf99 is the hash of password unless you try hashing “password” and see that the hash to “password” is 5f4d…cf99. There are no shortcuts, and you cannot go backwards.

This is useful in security because it means that a site like Adobe or LinkedIn or Google can have hundreds of millions of user accounts but not store anyone’s actual password. Even so, they can still check if you know your password even if they don’t know it. This is achieved by only storing the hash of a password instead of the password itself. (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/how-deep-learning-is-making-computers-better-at-guessing-your-passwords/

June 17, 2018June 18, 2018 Tripwire Guest Authors Cyber Security, deep learning, Featured Articles, hashing, passwords
  • ← 5 Mobile Enterprise Data Concerns to Prepare for Now
  • The Shared Security Weekly Blaze – Ultrasonic Hard Drive Attacks, Dangerous USB Devices, Email Fraudsters Arrested →

TechStrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy
  • This field is for validation purposes and should be left unchanged.

Most Read on the Boulevard

Slack App Leaked Hashed User Passwords for 5 YEARS
Twilio Fails Simple Test — Leaks Private Data via Phishing
GitHub Zero-Day: From 35K Repos Compromised to False Alarm
API Security: A Complete Guide
The Fall of Passwords and the Rise of Analytics
SOC 2 Compliance: Q&A with Compliance and Security Expert David Carter
Aspen Security Forum 2022 – Anja Manuel’s ‘Day 3 Opening Remarks’
Aspen Security Forum 2022 – ‘The New Russian Empire?’
Is Your Government Organization Cyber Resilient?
Balbix brings Snow and Ice to Vegas @ BlackHat 2022

Upcoming Webinars

Wed 17

Code Tampering: Four Keys to Pipeline Integrity

August 17 @ 1:00 pm - 2:00 pm
Mon 22

API Security

August 22 @ 1:00 pm - 2:00 pm
Wed 24

Implementing Identity Access Prioritization and Risk-Based Alerting for High-Fidelity Alerts

August 24 @ 1:00 pm - 2:00 pm
Tue 30

CISO Talk Master Class Episode: Catch Lightning in a Bottle – The Essentials: Bringing It All Together

August 30 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

7 Must-Read eBooks for Security Professionals

Industry Spotlight

MiCODUS Car Trackers are SUPER Vulnerable and Dangerous
Analytics & Intelligence Application Security Cloud Security Cybersecurity Data Security DevOps Editorial Calendar Featured Identity & Access Identity and Access Management Incident Response Industry Spotlight IoT & ICS Security Malware Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

MiCODUS Car Trackers are SUPER Vulnerable and Dangerous

July 21, 2022 Richi Jennings | Jul 21 0
How AI Secures the Future of Digital Payments
Application Security Cloud Security Cybersecurity Data Security Industry Spotlight Security Boulevard (Original) 

How AI Secures the Future of Digital Payments

July 18, 2022 Natasha Lane | Jul 18 0
HIPAA FAIL: ~33% of Hospital Websites Send PII to Facebook
Analytics & Intelligence Application Security Cloud Security Cyberlaw Cybersecurity Data Security Endpoint Featured Governance, Risk & Compliance Identity & Access Incident Response Industry Spotlight Most Read This Week Network Security News Popular Post Security Boulevard (Original) Spotlight Threats & Breaches Vulnerabilities 

HIPAA FAIL: ~33% of Hospital Websites Send PII to Facebook

June 17, 2022 Richi Jennings | Jun 17 Comments Off on HIPAA FAIL: ~33% of Hospital Websites Send PII to Facebook

Top Stories

Twilio Fails Simple Test — Leaks Private Data via Phishing
Analytics & Intelligence Application Security Cloud Security Cybersecurity Data Security DevOps Featured Governance, Risk & Compliance Identity & Access Incident Response Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Twilio Fails Simple Test — Leaks Private Data via Phishing

August 9, 2022 Richi Jennings | 1 day ago 0
GitHub Zero-Day: From 35K Repos Compromised to False Alarm
Application Security Cybersecurity Featured Incident Response Malware News Security Boulevard (Original) Spotlight Threat Intelligence Vulnerabilities 

GitHub Zero-Day: From 35K Repos Compromised to False Alarm

August 8, 2022 Gabriel Liechtman-Manor | 2 days ago 0
Slack App Leaked Hashed User Passwords for 5 YEARS
Analytics & Intelligence API Security Application Security Cloud Security Cybersecurity Data Security DevOps Editorial Calendar Featured Identity & Access Incident Response Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Slack App Leaked Hashed User Passwords for 5 YEARS

August 8, 2022 Richi Jennings | 2 days ago 0

Security Humor

Robert M. Lee's & Jeff Haas' Little Bobby Comic - 'WEEK 393’

Robert M. Lee’s & Jeff Haas’ Little Bobby Comic – ‘WEEK 393’

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Container Journal
  • DevOps.com
  • Techstrong Research
  • Techstrong TV
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
  • Digital Anarchist
Powered by Techstrong Group
Copyright © 2022 Techstrong Group Inc. All rights reserved.