6.3 Password Guessing

Password guessing takes many forms. Several unusual stories have appeared over the years on computer security discussion groups.

An Incident: A woman found a coworker using her password-protected computer. She confronted the coworker, who admitted to having found her password by phoning the “Psychic Friends Hotline.” A helpful psychic had told her the password.

The story is probably an urban legend, but it carries a nugget of truth. Careless or untrained computer users often choose passwords with a strong personal association. Through careful listening and observation of such people, a potential attacker can construct a list of likely passwords. Traditionally, a so-called “psychic” establishes credibility by speaking ...

Get Elementary Information Security, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.