Cracking a user password usually depends on the complexity of the password itself. Many users tend to set simple and easy-to-remember passphrases on their devices, especially on a wireless network. However, a complex password will create difficulties for the penetration tester or hacker. Complex passwords have the following characteristics:

• They contain uppercase characters
• They contain lowercase characters
• They contain numbers
• They contain specific symbols
• They are over 12 characters in length
• They do not contain a name
• They do not contain a date of birth
• They do not contain a vehicle's plate number

The following is an example of a complex password generated by LastPass (www.lastpass.com), a password manager:

The idea is to ensure that nobody can guess or compromise your password easily. If a malicious user is able to compromise another person's user credentials, the attacker can wreak havoc on the victim's network and/or personal life.

In the following section, we will describe techniques that can be implemented on an enterprise network to improve its security posture.