After noting several threads discussing password strength and related issues, I am wondering what the targets really are. What are the most common targets for password cracking attacks? Do I really need to worry that someone is going to try to crack my email account? Or is the real concern things like my online bank account where someone could get real money?
It seems like the big targets would be the institutions themselves where someone could get access to millions of credit card numbers rather than cracking individual email or Facebook accounts. Are there empirical studies available that assess vulnerability based on desirability of a target?
This is an interesting (and sobering) article on the consquences of having emails etc hacked:
A lot of the fall-out was because the guy was (frankly) an idiot, in that he failed to back up his photos etc.
But it did make me order three 32GB flash drives to save the last few years of family photos just in case (one to hide at home, one for my office desk, and one several hundred miles away at my parents’ house!).
My favourite bit is that he stored his password vault on Dropbox, a useful thing to do for syncing purposes. But he kept his one copy of the Dropbox password in, you guessed it, the password vault. That’s like putting the backup keys to a safe in the safe. Duh! Fortunately he found an open instance of Dropbox running on his wife’s computer.
I heard him interviewed on the radio. But this wasn’t a random hacking. My impression was that he was hacked due to his prominent status as a journalist, to prove a point. Nobody is going to go to that much trouble just to embarrass me. I don’t think that case is typical.