- Password cracking is the process of comparing stored passwords against word list or repeatedly guessing the password, usually through a different algorithm in which the program tries numerous combinations until the password is successfully discovered.
Password Cracking Techniques:
There are several techniques that
can be used to crack passwords.
(1)
Dictionary
Attack
The attacker systematically tests all possible
passwords beginning with words that have a higher possibility of being used,
such as names and places. The word “dictionary” refers to the attacker
exhausting all of the words in a dictionary in an attempt to discover the
password. Dictionary attacks are typically done with software instead of an
individual manually trying each password
(2)
Brute Force
Attack
The attacker systematically trying all the
combinations key on cipher text until the original password of plain text
obtained. It’s similar to the dictionary attack. But it use
algorithm that combine alpha-numeric characters and symbols to come up with
passwords for the attack. For example, a password of value “2gh”. The brute
force try 000, 001, …. , 2gg, 2gh.
(3)
Rainbow
Table Attack
It attempts to discover the password from hash. It
uses pre-computed hashes. Let’s assume that we have a database which stores
passwords as MD5 hashes. We have another database that has MD5 hashes of
commonly used passwords. With rainbow tables, you are comparing a table of
known inputs and outputs to a bench of unknown outputs. If a match is found,
then we have the password.