{"id":490,"date":"2022-03-15T11:47:49","date_gmt":"2022-03-15T10:47:49","guid":{"rendered":"https:\/\/www.iptis.fr\/blog\/?p=490"},"modified":"2022-03-22T15:12:01","modified_gmt":"2022-03-22T14:12:01","slug":"evaluer-la-resistance-de-son-mot-de-passe","status":"publish","type":"post","link":"https:\/\/www.iptis.fr\/blog\/evaluer-la-resistance-de-son-mot-de-passe","title":{"rendered":"Evaluer la r\u00e9sistance de son mot de passe"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">HIVE Systems, un sp\u00e9cialiste am\u00e9ricain de la cybers\u00e9curit\u00e9 publie chaque ann\u00e9e son tableau de r\u00e9sistance des mots de passe \u00e0 une attaque par force brute, voici la version 2022 !<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"768\" src=\"https:\/\/www.iptis.fr\/blog\/wp-content\/uploads\/2022\/03\/1646809525265.jpg\" alt=\"\" class=\"wp-image-491\" srcset=\"https:\/\/www.iptis.fr\/blog\/wp-content\/uploads\/2022\/03\/1646809525265.jpg 768w, https:\/\/www.iptis.fr\/blog\/wp-content\/uploads\/2022\/03\/1646809525265-300x300.jpg 300w, https:\/\/www.iptis.fr\/blog\/wp-content\/uploads\/2022\/03\/1646809525265-150x150.jpg 150w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/><figcaption>Plus d&rsquo;infos:  https:\/\/www.hivesystems.io\/blog\/are-your-passwords-in-the-green <\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Si votre mot de passe est Pierre123 : <\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>9 caract\u00e8res<\/li><li>1 majuscule<\/li><li>Des lettres et des chiffres<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Un pirate mettra potentiellement 7 heures pour casser le mot de passe, sauf que &#8230; les attaques par force brute \u00e9voluent et se basent d\u00e9sormais sur des dictionnaires de mots de passe \ud83d\udc47<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">C&rsquo;est quoi l&rsquo;attaque par force brute ?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>L&rsquo;attaque par force brute consiste pour le pirate \u00e0 tester l&rsquo;une apr\u00e8s l&rsquo;autres plusieurs combinaisons possibles de mots de passe<\/strong> jusqu&rsquo;\u00e0 trouver le bon. Historiquement la technique \u00e9tait rudimentaire en tentant diff\u00e9rentes s\u00e9quences : A, AA, AAA, &#8230; ce qui rendait les attaques tr\u00e8s lentes.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">D\u00e9sormais les pirates utilisent des <strong>dictionnaires <\/strong>contenant des mots de passe r\u00e9pandus (azerty123, &#8230;), des mots de passe ayant f<strong>uit\u00e9 sur le net<\/strong> ainsi que des mots de passe <strong>probables <\/strong>du type pr\u00e9nom, chiffres, &#8230;<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p><a href=\"https:\/\/www.ladepeche.fr\/2021\/06\/11\/fuite-geante-de-mots-de-passe-voici-comment-verifier-si-vous-avez-ete-pirate-9600557.php\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.ladepeche.fr\/2021\/06\/11\/fuite-geante-de-mots-de-passe-voici-comment-verifier-si-vous-avez-ete-pirate-9600557.php<\/a><\/p><cite>Fuite g\u00e9ante de mots de passe &#8211; La d\u00e9p\u00eache<\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">Cette vid\u00e9o r\u00e9alis\u00e9e par le site Kombini d\u00e9crit tr\u00e8s bien le principe de l&rsquo;attaque par force brute \ud83d\udc47 et vous explique pourquoi \u00ab\u00a0Pierre123\u00a0\u00bb ne tiendra pas longtemps !<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-4-3 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Brute-force : comment hacker un mot de passe simplement\" width=\"580\" height=\"435\" src=\"https:\/\/www.youtube.com\/embed\/YI-6nZFxwNg?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Vous pouvez \u00e9galement vous r\u00e9f\u00e9rer au site de la <strong>CNIL <\/strong>pour en savoir plus sur ces attaques :<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p><a href=\"https:\/\/www.cnil.fr\/fr\/definition\/force-brute-attaque-informatique#:~:text=Une%20attaque%20par%20force%20brute,et%20r%C3%A9pandue%20chez%20les%20pirates.\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.cnil.fr\/fr\/definition\/force-brute-attaque-informatique#:~:text=Une%20attaque%20par%20force%20brute,et%20r%C3%A9pandue%20chez%20les%20pirates.<\/a><\/p><\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\">Pour conclure<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">N&rsquo;h\u00e9sitez pas \u00e0 privil\u00e9gier des mots de passe longs, avec majuscules et minuscules, chiffres et lettres, caract\u00e8res sp\u00e9ciaux mais en sortant du cadre classique. <strong>Utilisez des phrases<\/strong> par exemple \u00ab\u00a0Je suis n\u00e9 en France en 1982 !\u00a0\u00bb et d\u00e8s que vous le pouvez activez les <strong>syst\u00e8mes d&rsquo;authentification \u00e0 double facteurs<\/strong>.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-wp-embed is-provider-le-blog-amedia-solutions wp-block-embed-le-blog-amedia-solutions\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"wp-embedded-content\" data-secret=\"72Av6hpOHg\"><a href=\"https:\/\/www.amediasolutions.fr\/blog\/proteger-son-entreprise-des-cyberattaques\">Prot\u00e9ger son entreprise des cyberattaques<\/a><\/blockquote><iframe loading=\"lazy\" class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" title=\"\u00ab\u00a0Prot\u00e9ger son entreprise des cyberattaques\u00a0\u00bb &#8212; Le blog Amedia Solutions\" src=\"https:\/\/www.amediasolutions.fr\/blog\/proteger-son-entreprise-des-cyberattaques\/embed#?secret=PqE2fEg3fY#?secret=72Av6hpOHg\" data-secret=\"72Av6hpOHg\" width=\"580\" height=\"327\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe>\n<\/div><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Si votre passe est pierre123 vous devriez le changer sans tarder, il ne r\u00e9sistera pas longtemps \u00e0 une attaque par force brute<\/p>\n","protected":false},"author":1,"featured_media":504,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[],"class_list":["post-490","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurite"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.iptis.fr\/blog\/wp-json\/wp\/v2\/posts\/490","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.iptis.fr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.iptis.fr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.iptis.fr\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.iptis.fr\/blog\/wp-json\/wp\/v2\/comments?post=490"}],"version-history":[{"count":10,"href":"https:\/\/www.iptis.fr\/blog\/wp-json\/wp\/v2\/posts\/490\/revisions"}],"predecessor-version":[{"id":503,"href":"https:\/\/www.iptis.fr\/blog\/wp-json\/wp\/v2\/posts\/490\/revisions\/503"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.iptis.fr\/blog\/wp-json\/wp\/v2\/media\/504"}],"wp:attachment":[{"href":"https:\/\/www.iptis.fr\/blog\/wp-json\/wp\/v2\/media?parent=490"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.iptis.fr\/blog\/wp-json\/wp\/v2\/categories?post=490"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.iptis.fr\/blog\/wp-json\/wp\/v2\/tags?post=490"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}