Password Management Strategies for Safer Systems: Glossary of Key Terms

BY JAMES F. LEON

Editor's note: This is a Web-exclusive exhibit for "Password Management Strategies for Safer Systems."

Term Definition

Clear Text

Unencrypted characters in, for example, a password.

Crack

To decode an encrypted password.

Social Engineering

A hacker’s use of a plausible pretext to intimidate or trick an employee into divulging a password without proper authorization.

Dictionary Attack

A hacker-originated automated process that repeatedly attempts to log on to a system, using many thousands of words (contained in the hacker’s ad hoc “dictionary”) as potential passwords.

Hashing

A process that follows a mathematical formula to convert a user’s password into an encrypted alphanumeric value. Despite its harder-to-crack encryption, hashing has security weaknesses.

Rainbow Table

Hacker-created lists of the precomputed hashed values of thousands of words that users may have chosen as passwords. Hackers search rainbow tables for matches with hashed passwords they encounter in password tables. Often hackers quickly find a match for a hashed password and thereby crack it.

Salt

A metaphorical term for a random array of characters that will be attached to a password to strengthen it against hackers.

Salted Hashing

A technique to make passwords harder to crack. It consists of adding a salt value to a password, and then hashing it.

Penetration Test

An exercise in which a knowledgeable third party you hire attempts to break into your system and shares with you the results of the attempt.
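
The Rainbow Table, Salt and Salted Hashing entries above, worked through in an added example that is not part of the original exhibit: a table of precomputed hashes matches an unsalted password hash in one lookup, but finds nothing once a random salt is attached before hashing. The word list, function names and record layout are constructed for illustration, and SHA-256 is an assumed choice of hash.

```python
import hashlib
import hmac
import os

# Constructed sample word list standing in for the "dictionary" of common passwords.
WORDLIST = ["password", "letmein", "sunshine", "dragon", "welcome"]

def plain_hash(password: str) -> str:
    """Unsalted hash: the same password always yields the same value."""
    return hashlib.sha256(password.encode()).hexdigest()

def build_precomputed_table(words):
    """Map hash -> word, computed once and reusable against any unsalted table."""
    return {plain_hash(w): w for w in words}

def lookup(table: dict, stored_hash: str):
    """Searching a precomputed table is a single dictionary lookup."""
    return table.get(stored_hash)

def salted_hash(password: str, salt: bytes) -> str:
    """Salted hashing as the glossary defines it: attach the salt, then hash."""
    return hashlib.sha256(salt + password.encode()).hexdigest()

def create_record(password: str) -> dict:
    """Store a fresh random salt beside the salted hash (the salt is not secret)."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": salted_hash(password, salt)}

def verify(password: str, record: dict) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    candidate = salted_hash(password, record["salt"])
    return hmac.compare_digest(candidate, record["hash"])

if __name__ == "__main__":
    table = build_precomputed_table(WORDLIST)
    # Unsalted: the stored value is found in the table immediately.
    print("unsalted lookup:", lookup(table, plain_hash("sunshine")))
    # Salted: two users with the same password get different stored values,
    # and neither value appears in the table built without the salt.
    alice, bob = create_record("sunshine"), create_record("sunshine")
    print("salted lookup:", lookup(table, alice["hash"]))
    print("same stored hash?", alice["hash"] == bob["hash"])
    print("login still works:", verify("sunshine", alice))
    # Production systems go further and use a deliberately slow salted
    # function such as hashlib.scrypt or hashlib.pbkdf2_hmac.
```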

Also read these other Web-exclusive exhibits:
Safe Password Practices
Offense and Defense
