Passage Five
The theft by a Russian syndicate of 1.2 billion username and password combinations from 420,000 websites around the world means that the personal details of almost half of all users of the internet must now be considered severely compromised. It can be only a matter of time before the victims find nasty surprises in their bank statements and credit-card accounts. To be on the safe side, anyone who uses financial and shopping websites should change their passwords forthwith preferably to something longer, more jumbled, and including no word found in any dictionary. The more nonsensical the better.
Heads may nod in agreement, but the advice is then promptly ignored. Human nature, being what it is, has a habit of making people the weakest link in any security chain. For instance, passwords that are easy to remember-the ones most people choose-tend to be the easiest for cybercrooks to guess. By contrast, passwords comprising long, random strings of uppercase and lowercase letters plus numbers and other keyboard characters are far more difficult to fathom. Unfortunately, they are also difficult to remember. As a result, users write them down on scraps of paper that get left lying around for prying eyes to see.
Basically, two factors determine a password's strength. The first is the number of guesses an attacker must try to find the correct one. This depends on the password's length, complexity and randomness. The second factor concerns how easy it is to check the validity of each guess This depends on how the password is stored on a website's server.
What can individuals do to protect themselves? Apart from choosing passwords that are strong enough(ie, long, complex and random mixtures of ASCII characters) to make cracking their hashes too time consuming for thieves to bother with, there is actually not all that much more. Passwords get stolen and broken mainly because of poor choices made by those responsible for a website's security especially the way it stores customers'validation details.
Given the pace of innovation in graphics processors, coupled with the increasing power of cracking software(mostly available for free on the internet), even the best password defences are destined to be overwhelmed in due course. After two thousand years of development, the password's days would finally seem numbered. Time to start investing in spoof-proof biometric factors that characterise each person uniquely as an individual.
The strength of a password is NOT determined by _____.
A、its complexity
B、its length
C、its randomness
D、its meaning
【正确答案】:D
【题目解析】:第三段说The first is the number of guesses an attacker must try to find the correct one. This depends on the password’s length, complexity and randomness,由此可以得出答案。
