Password cracking Ethical part!!!
You must learn to question the possible attacker in order to protect yourself from social engineering attacks like the one discussed in this chapter. If you receive a phone call from someone and you think there may be a change that the person is not who he says he is, ask him questions that he should be able to answer in order to establish his legitimacy. Some social engineers study the company before they attack, so that they can know all the answers. Therefore, if you still have any doubts, ask the head of any department the attacker is from to find out if he is legitimate. Better than sorry, secure.
When you type in the password, make sure that nobody tries to peak behind you. If it's, turn around and drop him in the face. No, really, not. Also, make sure that you do not hold sticky notes that contain your password or password hints.
Dictionary attacks are very easy to avoid. Do not use a dictionary password. Some people may believe that if they use a dictionary word but replace most letters with a number, they are safe. They don't. There are also 1337 speak dictionaries. What 1337 speaks is essentially changing the word "animal" to 4n1m41. For a secure password, I would recommend using a phrase such as “doyoulikecheese?88”.
Creating a very long password and using many numbers and strange characters can prevent brute-force attacks. The longer it takes for the hacker to crack your password, the longer the password. If the hacker has not been able to crack your password by a brute-force attack after a few days, he will most likely give up. As I said in the attacks on the dictionary, creating a password is your password is your best option to stay safe.
Phishing attacks are very easy to prevent. When your personal information is asked to be placed in the URL bar. If, for example, you are supposed to be on Gmail.com and say something completely different in the URL bat, such as gmail.randomsite.com or gmailmail.com, then you are on the real website of Gmail, the URL should start with www.google.com.