Here's How Hackers Took Over The Burger King Twitter Account

Feb 21, 2013, 01:26 IST

Burger King and Jeep both saw their Twitter accounts get hacked this week.

How and why does this happen?

Bruce Schneier is a revered computer security expert, prominent for his thoughts on the intersection of technology, security, and trust.

He was kind enough to fill us in on the details surrounding how hacks like these are possible.

How a Twitter account gets hacked

A person attempting to break into an account isn't hunched over a keyboard typing guessed password after guessed password until something works. He'll use a password cracker.

A password cracker is a piece of software that guesses passwords much more quickly than a human ever could. The two most common approaches are the "brute force method" and the "dictionary method." The dictionary method simply tries every word in a dictionary until one works, while the brute force method tries every possible combination of characters (including numbers and punctuation) until something works.

Brute force will always eventually reveal the password, but it might take a long time.

Cracking software is only getting better, as Schneier explains on his blog:

"It's not just computing speed; we now have many databases of actual passwords we can use to create dictionaries of common passwords, or common password-generation techniques. (Example: dictionary word plus a single digit.)"

And as the cracking software gets better, the passwords get weaker and therefore easier to hack.

What Twitter can do to help protect its users

We asked Schneier if Twitter could implement a two-step verification login system (which Google's been using for a long time now). He said, "Yes, but usability is the most important consideration here. Twitter wants people to use their system, not be annoyed by the security."

Strategies to come up with your own secure passwords

[Image: XKCD comic]

Who better to ask for password advice than a security expert? Schneier actually endorses the above comic, saying it's "a good method."
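An added example, not part of the original article: a small strength estimator that scores a password by the cheapest of the guessing strategies described earlier (brute force, dictionary word, dictionary word plus a single digit) and applies the same count to a passphrase built from several dictionary words, which is assumed here to be the method the comic shows. The word list is constructed, and the 2048-word dictionary size used in the sample calls is an assumption.

```python
import math
import string

# Constructed sample word list; a real checker would load a large list of
# common words and leaked passwords.
WORDS = {"burger", "king", "jeep", "correct", "horse", "battery", "staple", "monkey"}

def charset_size(pw):
    """Size of the alphabet a brute-force search would have to cover."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    return sum(len(c) for c in classes if any(ch in c for ch in pw))

def split_words(pw, words):
    """Fewest dictionary words that spell pw exactly, or None if impossible."""
    best = [0] + [None] * len(pw)          # best[i] covers pw[:i]
    for i in range(1, len(pw) + 1):
        for j in range(i):
            if best[j] is not None and pw[j:i] in words:
                if best[i] is None or best[j] + 1 < best[i]:
                    best[i] = best[j] + 1
    return best[len(pw)]

def guess_space(pw, words=WORDS, dict_size=None):
    """Return (model, guesses) for the cheapest model that would find pw."""
    n = dict_size or len(words)            # assumed size of the guessing dictionary
    lower = pw.lower()
    candidates = [("brute force", charset_size(pw) ** len(pw))]
    k = split_words(lower, words)
    if k:
        candidates.append((f"{k}-word dictionary", n ** k))
    if len(lower) > 1 and lower[-1].isdigit():
        k = split_words(lower[:-1], words)
        if k:                              # "dictionary word plus a single digit"
            candidates.append((f"{k}-word dictionary + digit", n ** k * 10))
    return min(candidates, key=lambda c: c[1])

def bits(guesses):
    """Express a guess count as bits of search effort."""
    return math.log2(guesses)

if __name__ == "__main__":
    for pw in ("monkey7", "x9$Qz", "correcthorsebatterystaple"):
        model, guesses = guess_space(pw, dict_size=2048)
        print(f"{pw!r}: {model}, {guesses:,} guesses ({bits(guesses):.1f} bits)")
```

The estimate is an upper bound on strength: a password that appears in a leaked-password list is weaker than any of these models suggests.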

Schneier's personal strategy is to use an open source program of his own design called Password Safe that generates super-secure passwords based on a string of text that you input.

You can use it yourself! It's free and you can read the details on it right here.

The future of security

My thought was that as computers get more powerful, that will make it easier to crack passwords in the future, but Schneier was quick to set me straight: "I'm not sure increased computing power has anything to do with it."

He suggests that the biggest threat to computer security is complexity. As he put it, "the internet and all the systems we build today are getting more complex at a rate that is faster than we are capable of matching. So security in reality is actually improving but the target is constantly shifting and as complexity grows, we are losing ground."

The bottom line

Your email, Twitter, and other accounts are only as safe as your password is secure. Be smart as you pick them. Use the methods described above – they come endorsed by a leading cryptographer and technologist.

He's quite literally giving you the tools to keep your data as secure as he does.
