The Vulnerabilities of Using Passwords and Username Based Systems

One of the major sources of authentication is through the use of username and password systems. Ideally, each password is a unique identifier known by a single individual. In reality however, exposed passwords from past data breaches reveal vulnerabilities that are traceable to passwords created today. Vulnerabilities include repetitions of characters, words, character sequences, and phrases that are used in a password. This project was observed in English to highlight the vulnerabilities that can come from utilizing the English language. However, the vulnerabilities highlighted in this project can also be applicable in languages across the world. It was observed that through the common types of digital attacks, brute force attack and dictionary attack work effectively against weak passwords. Brute force attack revealed that a user could expose an alphanumeric password of length eight in as little as one and a half days. In addition, dictionary attacks revealed that an alphanumeric password of length eight can be exposed in a shorter amount of time if the password contains a single long word or phrase thought to be secure. During this attack analysis, it found that passwords become significantly more secure in the utilization of alphanumeric passwords of minimal length of eight. In addition, the password must also not be a particular phrase or word with simplistic characteristics for adequate strength against dictionary attack. The solution to using username and password systems is to create a password utilizing as many characters as possible while still retaining memorability. If creating a password of this type is not feasible, there is a need to use technological solutions to keep the current system of username and passwords as secure as possible under daily life. Otherwise, there will be a need to replace the username and password system altogether before it becomes insecure by technology.