A Hybrid attack uses the underlying strategies of both a brute force attack and dictionary attack in order to get past a password. It uses the dictionary attack to consider the extensive word list of available passwords while the brute force attack will apply each of the possible combinations to crack the correct password.
A Hybrid attack is commonly used by cyber-crooks to breach security walls by figuring out the correct password combinations.
Let’s take an example to understand it better.
Say hackers are looking for a 4 digit pin, so using the dictionary strategy they will start making combinations starting from 0000,0001,0002 till 9999. With the Brute force attack, they will start applying each password to guess the correct match.
Besides this cyber-criminals can also deploy keyboard patterns to crack the correct account credentials.
So, a simple and short password is easy to guess while on the other hand, a complex, unusual, and long password is hard to guess.
Examples of weak passwords
- Regular dictionary words like Scotter, dog, etc.
- A combination of a common dictionary word and a few numbers ex: Aero1plane2.
- Use of a series of numbers and characters in a repeated order ex: 12345, 111111, AAAAA, ABCDE.
- Use of keyboard series like asdfg, zxcvb, or qwerty.
- Passwords containing personal information (e.g., birthdays, Social Security number, addresses, names of pets or friends, etc).
Common Password Rules That Security Experts Advocate
If you want to stay guarded against a Hybrid attack your password has to be resistant and random in nature.
Here are some of the laid down benchmarks that security experts recommend safeguarding your system from a Hybrid attack.
- Change your password on a regular basis every three or six months.
- Never use the same password for multiple accounts. Doing this will make you vulnerable to a Hybrid attack.
- Change your password if you think that it resembles a machine or human.
- Never use your passwords on public devices, the ones connected to public WiFi, or the ones in an Internet cafe.
- Always click on the “Never” button on the pop-ups asking you to save your password for future use.
- Do not write or save your password anywhere.
Few Examples of a Strong Password.
Before seeing some of the examples let’s go through the ground rule of a strong password.
- It should be of a minimum of 8 characters.
- It should be a combination of alphanumeric characters and special characters.
- Combination of two words along with few numbers here and there.
Example 1: Let’s meet at 6:00 AM for a walk, become Lma6!faw!
Example 2: What is the name of your first dog? Becomes @Witnoy1d.
Besides the manual way, you can also opt for a password manager for fighting against a Hybrid passwords attack.
