A password is a string of alphanumeric characters that is used to verify the identity of the user of an information technology device or system. It is commonly used in computers to ensure that only authorized users have access to the device's operating operations. On the other hand, there may be a need to get access to the system without using the password, which is referred to as password hacking or cracking (Satapathy & Patra, 2015). Password hacking or cracking is the method by which a user gains access to a computer by bypassing the password requirement. In the current information communication technology (ICT), cracking of passwords is a major practice for investigative or intrusion purposes. This paper examines the reasons behind password cracking, the ethical issues related to password cracking, the merits, justifications, and privacy concerns related to password hacking.
The Reasons Behind Password Cracking
Cracking of passwords is conducted majorly for malicious or non-malicious objectives. In the case of malicious objectives of password cracking, it is performed by criminals who want to gain an entry into the information system in order to commit a cybercrime (Bebbington & Vellino, 2015). Such kinds of cybercrimes may be in the forms of access to confidential information about a bank, money laundering of funds from a bank to a different bank, and causing distortion to the integrity of electronic information in an organization for personal benefits (Monteith, 2016). Non-malicious cracking of password takes place when the password has been known by the wrong persons or has been lost, when there is the need to establish the strength of the existing password, or to educate staff on methods of accessing password protected information for investigative purposes. However, non-malicious hacking of passwords should be done with the consent of the owner of the device under consideration.
A common technique of cracking a password is to guess the right combinations of numerals and letters used to establish the authenticity of the user. It is likely that an intelligent guess can be made and access gained into information systems. This is a major experience in case where people have similar passwords (Hartley, 2015). For instance, studies shows that people use passwords based on their life characteristics such as date of birth or the year in which they completed high school of college. Other techniques that people use to crack passwords include: contact information, name, social media, favorite sport, favorite athlete, or family name.
Ethical concerns over hacking
It is an ethical requirement that any password hacking activity should be conducted after seeking the permission of the relevant authorities of owners of a system to be hacked. In ethical hacking, a password is hacked for the purpose of fixing a problem and is usually subject to authorization. This is a common practice among software companies that pay their hackers in order to penetrate the software's websites to determine the robustness of the system from malicious attacks in the future (Evangelakos, Schleyer, Trevino & Wright, 2017). If the user is able to find the password of the system, it implies that the security of such a system is at risk. Ethical password hacking is also performed in order to establish whether an organization has complied with the password policy or to recover a lost password. However, if bypassing of the password is done by wrong person for malicious objective, it becomes unethical. Ethical or unethical hacking of passwords is determined by the intentions of the hacker. Non-compliance with this ethical requirement will result into the perception that the activity has been conducted in a criminal manner. It is also the ethical responsibility of the person cracking the passwords to ensure it is not conducted for the purpose of facilitating a criminal act such as stealing money in a banking institution or access to a system for the purpose of accessing private information.
Merits and Demerits of Password hacking
Password hacking is associated with a number of merits such as the ability to enable testing the level of security of the information systems to ensure a secure password is used in place of the existing password if the latter is found to be weak and likely to be compromised. Password cracking is important in ensuring a recovery of the functions of the information systems when the previous password is lost, forgotten, or cannot be traced (Chong, 2017). It is also important to crack passwords in order to crack passwords during research and learning in order to improve the existing password policies and create new policies that ensure the security of the information systems. Password cracking is also important in enabling the detection and opening up of messages and systems which provide the relevant information to government agencies such as data which requires high security.
Cracking or hacking of passwords is associated with a number of demerits such as the opportunity for criminals to practice theft of identity of the authentic user. When an unauthorized person accessed the system, they are able to perform tasks that can result into losses to the person who owns the information system (Brey, 2007). Hacking of information systems is associated with the likelihood of misuse of data by the hacker, which can be a major disadvantage to the owner of information systems. Password hacking can also result into an incidence of fraud when the hacker assumes the ownership of the data and trick the clients of the authentic owner of the system into conducting of transactions. For instance, a person can hack into the profile of another person in the social media and use the identity of the latter to seek financial benefits from friends.
Justification for Password Cracking/hacking
The practice of hacking has both advantages and disadvantages but focusing on the fact that cracking can be done legally and illegally, there are particular situations under which hacking is justified such as when there is the need to promote security of the information systems from theft of identity or when it is necessary to access particular information in order to provide evidence pertaining to a crime associated with the owner of the information system such as a computer system, a tablet, or a mobile phone (Bebbington & Vellino, 2015). The acquisition of such advanced skills can be important in promoting password cracking for purposes of tracking cybercrimes and improving the security of information system from malicious use by unauthorized persons.
Privacy Concerns with Hacking
In all information systems that have been hacked either for malicious or non-malicious objectives; privacy concern is a major factor to consider since the actual owner of the information system is not involved in the activity. The person performing the hacking operation may gain access to sensitive information which may put an individual or organization at risk of losing its resources if the accessed information is important in ensuring financial or information security of the respective entities (Arlitsch & Edelman, 2014). The likelihood of password cracking creates a reason why people tend to avoid storing information in computer systems such as cloud or social media. The solution to the achievement of high levels of privacy is to use strong passwords which are changed on periodic basis to eliminate the likelihood of cracking of passwords.
Conclusion
This paper examined the topic of password cracking or hacking by focusing on the reasons behind password cracking, the ethical concerns pertaining to password cracking, the merits and demerits of password cracking, justification for password cracking, and privacy concerns related to hacking of passwords. A common reason for cracking password has been to access sensitive information in order to commit a crime such as stealing from an organization or a non-malicious act such as accessing the information system when the password cannot be remembered by the owner of an information system such as a computer, a mobile phone or a tablet. A major ethical issue that requires to be observed during hacking of passwords is to ensure the authorization of the information system is sought and that the access to the system does not involve malicious intensions such as achieving personal gains from the act. The major merit of password cracking is that the user of the information system is provided with the opportunity to access information that is necessary to achieve a particular objective and the system security policies are updated by the use of strong passwords. The major demerit of password hacking is that the hacker may use the information systems to achieve malicious objectives such as using secured information about an organization for personal benefits. The justification for cracking of passwords is that the cracker is able to perform the hacking activity in order to establish an area of vulnerability so that improvement measures can be implemented. The major privacy concerns pertaining to cracking of passwords are that every owner of an information system would not like the information to be accessed by unauthorized people because of the threat to security of data.
References
Arlitsch, K., & Edelman, A. (2014). Staying Safe: Cyber Security for People and Organizations. Journal of Library Administration, 54(1), 46-56.
Bebbington, S., & Vellino, A. (2015). Can playing Minecraft improve teenagers' information literacy?.
Brey, P. (2007). Ethical aspects of information security and privacy. Security, privacy, and trust in modern data management, 21-36.
Chong, S. (2017). THE CHANGING FACE OF CYBERCRIME. Journal Of The Australian & New Zealand Institute Of Insurance & Finance, 40(3), 41-44.
Evangelakos, J., Schleyer, G. T., Trevino, M., & Wright, J. B. (2017). Director, Communications: Hacking Incidents & Cyber Threats. Corporate Governance Advisor, 25 (2), 24-26.
Hartley, R. D. (2015). Ethical Hacking Pedagogy: An Analysis and Overview of Teaching Students to Hack. Journal of International Technology & Information Management, 24 (4), 95-104.
Monteith, B. (2016). Hacking for Good and Bad, and How to Protect Yourself against Hacks. Knowledge Quest, 44 (4), 60-64.
Satapathy, S., & Patra, R. R. (2015). Ethical Hacking. International Journal of Scientific and Research Publications.
