Subscribe to our Mailing Lists (It's free!)
Wednesday, July 9, 2025
SAFETY4SEA
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    Lessons learned

    Lessons learned: Ensure there are compatible adapters onboard

    Panama IMO

    Panama reaffirms commitment to protection of seafarers’ rights

    IMB piracy

    IMB: 50% increase in piracy incidents in first six months of 2025

    Norway

    Norwegian Maritime Authority: 589 incidents in first half of 2025

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    friendship

    Exploring the human need for friendship: A lifeline at sea and on shore

    neck pain

    Neck pain: A growing health concern for maritime workers

    Book Review: Building leaders the MMMA way

    Book Review: Feel grounded and think positive in 10 simple steps

    time

    Stay SEAFiT: Time is non-renewable – invest it wisely

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    COSCO

    COSCO boxship receives first bunkering of domestic green methanol

    AMSA fine

    NorthStandard: Tips to avoid pollution fines in Turkey

    IACS

    IACS reports progress on decarbonisation & digital transformation

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    floating data centres

    New partnership to develop floating data center on retrofitted vessel

    connectivity

    Innovating ocean safety: Intellian’s unified vision for connectivity and GMDSS

    autonomous navigation

    New deal aims to advance autonomous navigation technology

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
    AMSA fine

    NorthStandard: Tips to avoid pollution fines in Turkey

    OCIMF

    OCIMF Annual Report 2025: SIRE 2.0 a welcome change for the industry

    USCG

    ABS PSC Report Q1 2025: 526 total vessels detained

    paris mou lists

    Paris MoU 2024 Performance lists

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
    newbuildings xclusiv shipbrokers

    Xclusiv Shipbrokers: Newbuilding momentum slows sharply in 2025

    Watch: Avoid the risk of electrocution for shipboard welding

    Watch: Avoid the risk of electrocution for shipboard welding

    charcoal

    BIMCO: Renewable electricity sources lower coal shipments

    carriers

    Sea-Intelligence: Global schedule reliability reaches 18-month high

  • Columns
    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    NorthStandard: Data sharing to drive technology and improve crew wellbeing

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    AMPI: Seafarers face critical risks in pilot transfer rigging

    AMPI: Seafarers face critical risks in pilot transfer rigging

    Trending Tags

    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • Events
  • Plus
No Result
View All Result
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    Lessons learned

    Lessons learned: Ensure there are compatible adapters onboard

    Panama IMO

    Panama reaffirms commitment to protection of seafarers’ rights

    IMB piracy

    IMB: 50% increase in piracy incidents in first six months of 2025

    Norway

    Norwegian Maritime Authority: 589 incidents in first half of 2025

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    friendship

    Exploring the human need for friendship: A lifeline at sea and on shore

    neck pain

    Neck pain: A growing health concern for maritime workers

    Book Review: Building leaders the MMMA way

    Book Review: Feel grounded and think positive in 10 simple steps

    time

    Stay SEAFiT: Time is non-renewable – invest it wisely

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    COSCO

    COSCO boxship receives first bunkering of domestic green methanol

    AMSA fine

    NorthStandard: Tips to avoid pollution fines in Turkey

    IACS

    IACS reports progress on decarbonisation & digital transformation

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    floating data centres

    New partnership to develop floating data center on retrofitted vessel

    connectivity

    Innovating ocean safety: Intellian’s unified vision for connectivity and GMDSS

    autonomous navigation

    New deal aims to advance autonomous navigation technology

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
    AMSA fine

    NorthStandard: Tips to avoid pollution fines in Turkey

    OCIMF

    OCIMF Annual Report 2025: SIRE 2.0 a welcome change for the industry

    USCG

    ABS PSC Report Q1 2025: 526 total vessels detained

    paris mou lists

    Paris MoU 2024 Performance lists

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
    newbuildings xclusiv shipbrokers

    Xclusiv Shipbrokers: Newbuilding momentum slows sharply in 2025

    Watch: Avoid the risk of electrocution for shipboard welding

    Watch: Avoid the risk of electrocution for shipboard welding

    charcoal

    BIMCO: Renewable electricity sources lower coal shipments

    carriers

    Sea-Intelligence: Global schedule reliability reaches 18-month high

  • Columns
    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    NorthStandard: Data sharing to drive technology and improve crew wellbeing

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    AMPI: Seafarers face critical risks in pilot transfer rigging

    AMPI: Seafarers face critical risks in pilot transfer rigging

    Trending Tags

    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • Events
  • Plus
No Result
View All Result
SAFETY4SEA

Infographic: How passwords are cracked

by The Editorial Team
January 23, 2019
in Cyber Security, Shipping
cyber security challenges
FacebookTwitterEmailLinkedin

An insightful infographic by the UK National Cyber Security Centre (NCSC) provides guidance for system owners responsible for determining password policy and examining, or even challenging, existing corporate password policies, and arguing for a more realistic approach.

Passwords are an easily-implemented, low-cost security measure, with obvious attractions for managers within enterprise systems. However, this proliferation of password use, and increasingly complex password requirements, places an unrealistic demand on most users.

Inevitably, users will devise their own coping mechanisms to cope with ‘password overload’. This includes writing down passwords, re-using the same password across different systems, or using simple and predictable password creation strategies. A study within a Scottish NHS trust found that 63% of its users admitted to re-using passwords.

How are passwords discovered?

Attackers use a variety of techniques to discover passwords. Many of these techniques are freely available and documented on the Internet, and use powerful, automated tools. Approaches to discovering passwords include:

RelatedNews

Sea-Intelligence: Global schedule reliability reaches 18-month high

IMB: 50% increase in piracy incidents in first six months of 2025

  • social engineering e.g. phishing; coercion
  • manual password guessing, perhaps using personal information ‘cribs’ such as name, date of birth, or pet names
  • intercepting a password as it is transmitted over a network
  • ‘shoulder surfing’, observing someone typing in their password at their desk
  • installing a keylogger to intercept passwords when they are entered into a device
  • searching an enterprise’s IT infrastructure for electronically stored password information
  • brute-force attacks; the automated guessing of large numbers of passwords until the correct one is found
  • finding passwords which have been stored insecurely, such as handwritten on paper and hidden close to a device
  • compromising databases containing large numbers of user passwords, then using this information to attack other systems where users have re-used these passwords.

Infographic: How passwords are cracked

How to improve your system security 

1. Change all default passwords

  • Change all default passwords before deployment.
  • Carry out a regular check of system devices and software, specifically to look for unchanged default passwords.
  • Prioritise essential infrastructure devices.

2. Help users cope with password overload

  • Users have a whole suite of passwords to manage, not just yours.
  • Only use passwords where they are really needed.
  • Use technical solutions to reduce the burden on users.
  • Allow users to securely record and store their passwords.
  • Only ask users to change their passwords on indication or suspicion of compromise.
  • Allow users to reset passwords easily, quickly and cheaply.
  • Do not allow password sharing.
  • Password management software can help users, but carries risks.

3. Understand the limitations of user-generated passwords

  • Put technical defences in place so that simpler password policies can be used.
  • Reinforce policies with good user training. Steer users away from choosing predictable passwords, and prohibit the most common ones by blacklisting.
  • Tell users that work passwords protect important assets; they should never re-use passwords between work and home.
  • Be aware of the limitations of password strength meters.

4. Understand the limitations of machine-generated passwords

  • Choose a scheme that produces passwords that are easier to remember.
  • Offer a choice of passwords, so users can select one they find memorable.
  • As with user-generated passwords, tell users that work passwords protect important assets; they should never re-use passwords between work and home.

5. Prioritise administrator and remote user accounts

  • Give administrators, remote users and mobile devices extra protection.
  • Administrators must use different passwords for their administrative and non-administrative accounts.
  • Do not routinely grant administrator privileges to standard users.
  • Consider implementing two factor authentication for all remote accounts.
  • Make sure that absolutely no default administrator passwords are used.

6. Use account lockout and protective monitoring

  • Account lockout and ‘throttling’ are effective methods of defending brute-force attacks.
  • Allow users around 10 login attempts before locking out accounts.
  • Password blacklisting works well in combination with lockout or throttling.
  • Protective monitoring is also a powerful defence against brute-force attacks, and offers a good alternative to account lockout or throttling.
  • When outsourcing, contractual agreements should stipulate how user credentials are protected.

7. Don’t store passwords as plain text

  • Never store passwords as plain text.
  • Produce hashed representations of passwords using a unique salt for each account.
  • Store passwords in a hashed format, produced using a cryptographic function capable of multiple iterations (such as SHA 256).
  • Ensure you protect files containing encrypted or hashed passwords from unauthorised system or user access.
  • When implementing password solutions use public standards, such as PBKDF2, which use multiple iterated hashes.
Infographic: How passwords are crackedInfographic: How passwords are cracked
Infographic: How passwords are crackedInfographic: How passwords are cracked
Tags: cyber securityInfographicUK
Previous Post

India overtakes Japan as second largest steel producer

Next Post

Russia agrees to IMO’s passenger compensation treaty

Related News

fire
Accidents

Fire onboard cargo vessel in Hull gets dealt with

June 30, 2025
iaph cyber security
Cyber Security

IAPH releases cyber security guidelines for new port technologies

June 24, 2025
LR: Good data is a crucial foundation for improving safety
Opinions

ABS Consulting: Make cyber risk part of the daily safety conversation

June 23, 2025
UK sanctions
Shipping

UK ramps up pressure with new sanctions against Russia

June 18, 2025
BIMCO: Chinese seaborne dry bulk imports up 6% despite economic challenges
Shipping

ICS Barometer: Declining confidence in the face of instability

June 11, 2025
bulk carrier
Safety

Intercargo: Bulk carrier safety is improving but not enough

June 10, 2025

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Explore more

No Result
View All Result
MARITIME EVENTS

Explore

  • Safety
  • SEAFiT
  • Green
  • Smart
  • Risk
  • Others
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

Useful Links

  • About
  • Disclaimer
  • Editorial Policies
  • Advertising
  • Content Marketing
  • Contact

© 2025 SAFETY4SEA

No Result
View All Result
  • Safety
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • SEAFiT
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Opinions
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Tip of the day
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

© 2025 SAFETY4SEA

Manage your privacy
We use technologies like cookies to store and/or access device information. We do this to improve browsing experience and to show (non-) personalized ads. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Manage options
{title} {title} {title}
No Result
View All Result
  • Safety
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • SEAFiT
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Opinions
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Tip of the day
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

© 2025 SAFETY4SEA