But the ideal solution would be to choose a password which takes longer time to crack. Hackers can find someway to crack our password, all we have to make them try stronger and harder. Passwords are usually cracked using a method called as Bruteforce attack where a malicious tool tries to match all the type of password combination available against the target system. More complex the password is, more are the combinations to be tried and less probable it becomes for the tool to guess our password right.

This website, HowSecureIsMyPassword, gives us an idea on how long it takes to crack a password with a normal desktop PC. We can try various combinations, longer password/different character sets and analyze the results.

So as mentioned earlier we should choose a password which takes at least more than ‘a year’ to crack. This arbitrary value – ‘a year’ is based on the assumption that we would change our passwords once in every year so by the time the cracker obtains our password, we would have changed it

Guys from Whatsmypass have published a list of Top 500 worst passwords, check it out here, and make sure that you don’t use any one of them.

Another site provides crack time matrix of different types of character sets, length based on the system which is used for cracking it. HowSecureIsMyPassword assumes that the cracker uses class D and estimates the time, link.

Check the site to calculate approx time taken to crack your password.

HowSecureIsMyPassword

How Secure Is Your Password Info
App Name	How Secure Is Your Password
License	free
Type	online
App URL
More Info	link

Read this post about Indian Income Tax phishing site.

Take these Phishing quizzes to sharpen your skills to identify the fake sites.

1. Verisign’s – Phish No Phish

URL: https://www.phish-no-phish.com

2. OnGuard Online – Phishing Quiz

URL: http://www.staysmartonline.gov.au/games-videos/quizzes/flash_listing/quizzes/phishing_quiz/phishing_quiz.html

3. SonicWALL Phishing and Spam IQ Quiz

URL: http://www.sonicwall.com/phishing/

4. Washington Post – Catch a Phish

URL: http://www.washingtonpost.com/wp-srv/technology/articles/phishingtest.html

Running Backtrack

BackTrack4 VM can be downloaded from the backtrack site (link at the end of the post) and to run the VM, we need the free VMWare Player.

Install the VMWare Player and open the BT VM with it. We are good to go with the default configuration unless we have more RAM to spare (Its recommended to provide 512MB of RAM if you have around 2GB).

Adjust Backtrack VM RAM

Default Credentials

Backtrack VM comes with the default login credentials (which can be changed later, ofcourse)

bt login:  root
Password:  toor
. . .
root@bt:~#  startx

We should be able to see the BackTrack OS up and running by this time. If you face any difficulties with the screen resolution, install/upgrade your VMWare tools.

BackTrack VM Up and Running

Change Default Credentials

Once the OS is loaded, access the terminal from the taskbar and use the ‘passwd’ command to change the password.

bt~#  passwd
bt~#  New Password : ******
bt~#  Re-enter Password: ******

Enable Networking to Access Internet

Many a times internet might not work at the first shot. If it doesn’t do as mentioned below.

1. First find out the IP address/Default Gateway of you the HOST PC (Assuming that it’s an Windows OS, do ‘ipconfig’ in DOS Terminal)
2. Choose any arbitrary IP address, should be in the range of the IP of the host, and ensure that its not used.
3. In the BackTrack Terminal, type the following commands

bt~#  ifconfig eth0 up
bt~#  /etc/init.d/networking start

Once you have BackTrack running and Internet enabled, you are all set to use the tools bundled with this OS.

Backtrack VM Download Info
App Name	Backtrack VM Download
License	free
Type	OS
App URL
More Info	link

VMWare Player Download (Free):