Outside and Inside Hacker Deterrents – Part One

Joe Loucks

On January 7th, in IP Solutions, IP Tech Tips

Strong Passwords

On local networks there is the possibility that disgruntled inside employees can attempt to access an IP camera, NVR, or other security devices. The primary method to block unauthorized users from entering devices is the use of “strong” passwords.

It’s estimated that over 60% of successful inside and outside hacking attempts use password manipulation to gain entry into devices. It’s important to understand that hackers can be armed with automated password cracking programs that will try thousands of passwords until one of them is accepted.

Using strong passwords is critical for the security of IP enabled devices. A strong password has three properties: it is at least eight characters long, it uses upper and lower case letters, and it contains one or more of the symbols on a typical keyboard such as %, $, &, >, etc. Using passwords such as “Ta3%79)” instead of “letsgofishing” or “Corvette” will make it extremely difficult for inside and outside hackers to blunder their way into an IP physical security device.

A strong password can be hard for client users to remember, so they will likely use the “Save Password?” option in their web browser to keep it for easy use. This reality shifts the importance of the strong password to the clients’ own PCs or “smart” devices: both control of physical access to the device and a strong password for access to it should also be implemented.

It is also important that client users understand that they should not keep sticky notes with their passwords written on them in their workspace or attached to the underside of their keyboard. Such “public” displays of passwords are an easy target for someone who wants to sign onto a device. This also applies to client users’ business network devices, as often different people have different access levels within the enterprise’s data servers.

Three other things are important about passwords. First, network users should always use separate and different strong passwords for each device or server that they access on the LAN, as well as for encrypted web pages such as private or business banking accounts and data backup locations. If a user constantly employs the same password for every device and web page they have the ability to access, any one of those devices can potentially be hacked into and the password list for its users obtained by a bad guy. This person can now try the stolen passwords on other devices on the network to see if they work. Second, passwords should be changed regularly, at least once every three months. And the last important item is to make sure that if an employee leaves or is terminated, all of their passwords to any and all devices that they were able to access are deleted immediately.
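The rules above can be checked together over a credential inventory. The following is an added example, not code from the original post: the record fields (`user`, `device`, `password`, `changed`), the sample data and the reading of "three months" as 90 days are assumptions made for illustration.

```python
import string
from datetime import date, timedelta

MAX_AGE = timedelta(days=90)  # assumption: "every three months" taken as 90 days

def strength_problems(password):
    """Check the three strong-password properties listed in the article."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        problems.append("needs upper and lower case letters")
    if not any(c in string.punctuation for c in password):
        problems.append("needs a keyboard symbol")
    return problems

def audit(records, active_users, today):
    """Return {(user, device): [findings]} for every record that breaks a rule."""
    findings = {}
    seen = {}  # (user, password) -> first device where that pair was seen
    for r in records:
        issues = strength_problems(r["password"])
        first = seen.setdefault((r["user"], r["password"]), r["device"])
        if first != r["device"]:
            issues.append(f"password reused from {first}")
        if today - r["changed"] > MAX_AGE:
            issues.append("not changed in three months")
        if r["user"] not in active_users:
            issues.append("user no longer employed: delete credential")
        if issues:
            findings[(r["user"], r["device"])] = issues
    return findings

# Constructed sample inventory (hypothetical users, devices and passwords),
# e.g. as it might come from a password-manager export.
SAMPLE = [
    {"user": "alice", "device": "nvr-1", "password": "Rk7%tq)Lw2", "changed": date(2024, 5, 1)},
    {"user": "alice", "device": "cam-3", "password": "Rk7%tq)Lw2", "changed": date(2024, 5, 1)},
    {"user": "bob", "device": "cam-3", "password": "letsgofishing", "changed": date(2024, 1, 10)},
    {"user": "carol", "device": "nvr-1", "password": "Pz4&mVu!9c", "changed": date(2024, 5, 20)},
]

if __name__ == "__main__":
    report = audit(SAMPLE, active_users={"alice", "bob"}, today=date(2024, 6, 1))
    for (user, device), issues in report.items():
        print(f"{user}@{device}: " + "; ".join(issues))
```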

In the next post we’ll discuss other measures that can be used to detect and deter outside hacking attempts.