The importance of password management cannot be over emphasized. Passwords are used to verify the user’s identity and to verify that the user has authority to access the resources or information associated with the login.
Password databases are stored in huge numbers on databases on remote servers called databases. These databases are often used to store information other than raw data such as usernames, passwords, and access logs. Often these databases are secured through firewalls.
The internal and external firewalls connect the databases on remote servers with the workstations. Usually the employees can login using their usernames and passwords to access the resources and databases. So, in any case if a person obtain the password database he can get the details of all the credentials such usernames, passwords, IP addresses, and other details. The database can contain a lot of valid passwords such as Identities, e-mail addresses and credit card numbers.
It should be noted that the breach can also occur if the database is accessible by the web server where the website is hosted. Such breaches usually occur due to improper sanitation of the databases. This problem is very rampant among those who host their websites through third-party hosting companies. Often, the hosting companies do not ensure a proper amount of sanitization. As a result the credentials are made available to hackers for use by the attackers. Due to the large amount of data in today’s databases it is very difficult to sanitize and search for the database which is already apt to put the website at risk. Some administrators use brute force attacks to guess the valid credentials from the password databases and use them to hijack the computer and steal cookies. Brute force attacks mean trying all the possible combinations and this can be a time-consuming process. d2c66b5586