PASSWORD HACKING COUNTERMEASURES


Avoid Public WiFi

Free access points are available at restaurants, hotels, airports, bookstores, and even random retail outlets, so you are rarely more than a short trip away from access to your network and your work. This freedom comes at a price, though, and few truly understand the public Wi-Fi risks associated with these connections.

The same features that make free Wi-Fi hotspots desirable for consumers make them desirable for hackers; namely, that they require no authentication to establish a network connection. This creates an amazing opportunity for the hacker to get unfettered access to unsecured devices on the same network.

The biggest threat to free Wi-Fi security is the ability for the hacker to position himself between you and the connection point. So instead of talking directly with the hotspot, you're sending your information to the hacker, who then relays it on.

While working in this setup, the hacker has access to every piece of information you're sending out on the Internet: important emails, credit card information and even security credentials to your business network. Once the hacker has that information, he can — at his leisure — access your systems as if he were you.

Hackers can also use an unsecured Wi-Fi connection to distribute malware. If you allow file-sharing across a network, the hacker can easily plant infected software on your computer. Some ingenious hackers have even managed to hack the connection point itself, causing a pop-up window to appear during the connection process offering an upgrade to a piece of popular software. Clicking the window installs the malware.

As mobile Wi-Fi becomes increasingly common, you can expect Internet security issues and public Wi-Fi risks to grow over time. But this doesn't mean you have to stay away from free Wi-Fi and tether yourself to a desk again. The vast majority of hackers are simply going after easy targets, and taking a few precautions should keep your information safe.


Use VPN

A virtual private network (VPN) connection is a must when connecting to your business through an unsecured connection, like a Wi-Fi hotspot. Even if a hacker manages to position himself in the middle of your connection, the data here will be strongly encrypted. Since most hackers are after an easy target, they'll likely discard stolen information rather than put it through a lengthy decryption process.

Phishing Email

  • Don’t trust the display name
  • Look but don’t click
  • Check for spelling mistakes
  • Don’t give up personal information
  • Beware of urgent or threatening language in the subject line
  • Don’t click on attachments
  • Don’t believe everything you see

Use HTTPS Everywhere

You aren't likely to have a VPN available for general Internet browsing, but you can still add a layer of encryption to your communication. Enable the "Always Use HTTPS" option on websites that you visit frequently, or that require you to enter some kind of credentials. Remember that hackers understand how people reuse passwords, so your username and password for some random forum may be the same as it is for your bank or corporate network, and sending these credentials in an unencrypted manner could open the door to a smart hacker. Most websites that require an account or credentials have the "HTTPS" option somewhere in their settings.

Use Strong Passwords

A strong password is designed to be complex and therefore difficult to guess or crack. To be sufficiently complex, it must:

  • be 8 characters or longer,
  • use a combination of upper and lower case letters, and
  • include at least one numeric and/or special character (&, ?, @, etc.), punctuation, and spaces.

A pass-phrase or sentence is a very secure way of creating passwords that are both hard for others to crack and easy for you to remember.

Disable USB Ports

  1. Enter the BIOS setup.
  2. Once in the BIOS setup, check the menus for an option to enable or disable the onboard USB ports.
  3. Make sure all USB options and Legacy USB Support options are disabled or off.
  4. Save and Exit the BIOS after making the changes. Typically, the F10 key is used to save and exit.
  5. After the computer has rebooted, check the USB ports to make sure they have been disabled.

Lock BIOS

  1. On boot, press [F2] to access the BIOS setup.
  2. Under System, select Boot Sequence.
  3. Make sure the Internal HDD is the only device with a number beside it.
  4. Press [Esc], and select Save.
  5. Under Security, select Admin Password.
  6. Set an admin password. (This will prevent someone from changing boot options or changing the BIOS setup, but it won't interfere with normal operation.)

Use Full Disk Encryption

Disk encryption is a technology which protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. It is used to prevent unauthorized access to data storage.

The terms full disk encryption (FDE) and whole disk encryption signify that everything on the disk is encrypted, except that the master boot record (MBR), or a similar area of a bootable disk containing the code that starts the operating system loading sequence, is not encrypted. Some hardware-based full disk encryption systems can truly encrypt an entire boot disk, including the MBR.

Use Password Manager

The major benefit of using a password manager is that you only need to remember a single master password. This allows you to easily use unique, strong passwords chosen for each of your online accounts. Just remember one strong password and the manager will take care of the rest.
