One way to reduce the effectiveness of a non-electronic password attack is to introduce two-factor authentication. Two-factor authentication typically consists of a password, as well as some sort of physical or digital token that can be used in order to prove your identity. Whilst this may not completely stop those who wish to do harm from attacking the company, it will make it much harder for them. This is because two-factor authentication requires more than just a password, in this case, access to the token linked to your account. This means that whilst it does not prevent a non-electronic password attack from occurring, it will help to reduce the chances of an attack succeeding.
Another way that some companies try to combat these kinds of attacks is by constantly changing their passwords. To keep employees from writing them down or having to remember them, they are changed frequently by corporate policy. Due to the fact that these passwords are often still traditional alphanumerical strings, they can be cracked by brute force. One way around this is to implement a password policy where you have longer, much more secure passwords. These password policies should also include things such as changing the character case or requiring digits along with letters in the password string. Another way to combat non-electronic password attacks is through the use of VPNs and other forms of encryption. By using forms of encryption, an attacker will either not be able to intercept your traffic or will have significant difficulty doing so.
Key Points:
Non-electronic password attacks are a serious risk to computer security, and should not be taken lightly. This is both due to the ease with which they can be perpetrated and the number of attacks that take place. Although it may seem an unlikely attack at first, well-intentioned employees may inadvertently be caught up in such an attack themselves. To prevent an attack from occurring, you can do a number of things. This includes implementing two-factor authentication as per above, or simply changing your password on a regular basis. Keeping systems updated and running antivirus software will also go a long way in keeping your systems secure from harm.
Another way that some companies try to combat these kinds of attacks is by constantly changing their passwords. To keep employees from writing them down or having to remember them, they are changed frequently by corporate policy. Due to the fact that these passwords are often still traditional alphanumerical strings, they can be cracked by brute force. One way around this is to implement a password policy where you have longer, much more secure passwords. These password policies should also include things such as changing the character case or requiring digits along with letters in the password string. Another way to combat non-electronic password attacks is through the use of VPNs and other forms of encryption. By using forms of encryption, an attacker will either not be able to intercept your traffic or will have significant difficulty doing so.
Key Points:
- Non-electronic password attacks are typically carried out through brute force or social engineering.
- Non-electronic password attacks are typically stopped by the use of two-factor authentication and constantly changing passwords.
- 2-factor authentication.
- Long, complex password policy.
- Encryption.
- Use 2FA with a strong password and remember how to reset it. Use encryption. (Not sure of the best one, but this is key!) Keep your system up to date as much as possible.
- We want to limit an adversary’s ability to move laterally. Be careful when opening email attachments, and use antivirus software.
Non-electronic password attacks are a serious risk to computer security, and should not be taken lightly. This is both due to the ease with which they can be perpetrated and the number of attacks that take place. Although it may seem an unlikely attack at first, well-intentioned employees may inadvertently be caught up in such an attack themselves. To prevent an attack from occurring, you can do a number of things. This includes implementing two-factor authentication as per above, or simply changing your password on a regular basis. Keeping systems updated and running antivirus software will also go a long way in keeping your systems secure from harm.