Tag Archives: cybersecurity

NCAM Message 1 – Passwords: Don’t Spray It or Replay It

It is National Cybersecurity Awareness Month so I’ll share a few cybersecurity messages with you. In this initial post, I want to make you aware of two methods hackers use to gain access to your work and personal computing systems and what you can do about it.

Some of the most common problems/vulnerabilities with the passwords we use involves password spray and password replay, two terms commonly used in the cybersecurity world.

Password spray simply means automatically testing combinations of common passwords and known usernames on a system. You know how poor the most popular passwords are these days—those are lists that attackers keep close on hand. This is a straight numbers game.

By contrast, password replay attacks exploit our fondness for reusing the same passwords on different systems. Made much worse when people reuse passwords from their personal accounts on their work ones.

Two solutions to prevent this from happening to you:

Bad Passwords
  1. Don’t use common words or terms for your passwords, such as P@ssword1, MyD0ghasFle@s, etc.  These are primary targets for the lists hackers keep and use constantly to gain access to systems
  2. Don’t use the same password for multiple services, i.e. work, school, bank, etc.  Doing so allows a hacker to gain access to all your confidential and sensitive data once they determine one of your passwords.

Which means we have to create and remember multiple passwords for different systems.  How are you supposed to do that?

The answer is by using a password manager.  Stay tuned for the next installment of this series on passwords, where I will cover one solution we already are licensed for and use at Sul Ross.