We've recently seen an increase in the number of customers having their virtual, dedicated & colocated servers broken into by remote hackers. In most cases it occurred because the passwords on the customers' root or administrator accounts were not strong enough.
If your server answers SSH or Remote Desktop / Terminal Services from any source, it's extremely important that your passwords are not susceptible to brute force hacking attempts. Brute force hacking is when a remote computer tries to log in to your server by trying hundreds of thousands or even millions of passwords, starting with the dictionary as a reference.
Once the hacker gains entry to the server it can be disastrous. Usually they'll take whatever information they can from the server and then start using the server as a launch pad for attacks on other Internet computers.
This ugly situation can be avoided by using strong, complicated passwords that do NOT contain dictionary words. Below we show you an estimate of the differences in the time required to brute force different types of passwords:
swimming77 (2 hours with common dictionary attack)
VNrmMp (2 weeks with full brute force attack)
KAT9zVw3 (2 years with full brute force attack)
gS$x(5#w:6!7 (100 years with full brute force attack)
Our recommendation is to use an 8-character randomly generated password containing upper & lower case letters, numbers and at least one symbol.
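An added example, not part of the original article: one way to generate a password that meets the recommendation above using Python's secrets module, and to compare the full brute-force search space of the four sample passwords. The symbol set and the function names are assumptions of this example.

```python
import math
import secrets
import string

# Symbol set is an assumption for this example; adjust to what your system accepts.
SYMBOLS = "!#$%&()*+-:;<=>?@[]^_{}"
CLASSES = [string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS]


def generate_password(length=8):
    """Return a random password with at least one character from every class."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    alphabet = "".join(CLASSES)
    while True:
        # secrets draws from the OS CSPRNG; the random module is not suitable here.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Rejection sampling keeps the result uniform over all compliant passwords.
        if all(any(c in cls for c in candidate) for cls in CLASSES):
            return candidate


def search_space_bits(password):
    """Bits of full brute-force search space implied by the character classes used.

    This is an upper bound: it ignores dictionary words, so a password such as
    swimming77 falls to a dictionary attack far sooner than the figure suggests.
    """
    pool = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    # Characters outside the known classes count as one extra symbol each.
    pool += len({c for c in password if not any(c in cls for cls in CLASSES)})
    return len(password) * math.log2(pool) if pool else 0.0


if __name__ == "__main__":
    # The four sample passwords from the article, plus one freshly generated.
    for pw in ["swimming77", "VNrmMp", "KAT9zVw3", "gS$x(5#w:6!7", generate_password()]:
        print(f"{pw!r:18} {search_space_bits(pw):6.1f} bits")
```

By character set alone swimming77 scores higher than KAT9zVw3, which is why the dictionary check matters more than the raw length.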