Chapter_8_Password-Cracking
Studied by 0 people
Learn
Practice Test
Spaced Repetition
Match
Flashcards1/17
There's no tags or description
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced |
|---|
No study sessions yet.
18 Terms
Password cracking
is the process of using an application program to identify an unknown or forgotten password to a computer or network resource.
password cracker
recovers passwords using various techniques.
The process can involve comparing a list of words to guess passwords or the use of an algorithm to repeatedly guess the password.
Hashes
are mathematical functions that change arbitrary-length inputs into an encrypted fixed length output.
A password cracker may also be able to identify encrypted passwords.
True or False
True
Brute force
This attack runs through combinations of characters of a predetermined length until it finds the combination that matches the password.
Dictionary search
Here, a password cracker searches each word in the ____________ for the correct password. Password ____________ exist for a variety of topics and combinations of topics, including politics, movies and music groups
Phishing
These attacks are used to gain access to user passwords without the use of a password cracking tool. Instead, a user is fooled into clicking on an email attachment.
Malware
Similar to phishing, using _________ is another method of gaining unauthored access to passwords without the use of a password cracking tool
_____ such as keyloggers, which track keystrokes, or screen scrapers, which take screenshots, are used instead.
Rainbow attack
. This approach involves using different words from the original password in order to generate other possible passwords. Malicious actors can keep a list called a rainbow table with them.
Guessing
An attacker may be able to guess a password without the use of tools. If the threat actor has enough information about the victim or the victim is using a common enough password, they may be able to come up with the correct characters.
hybrid attack methodologies
Some password cracking programs may use ___________________________ where they search for combinations of dictionary entries and numbers or special characters.
Cain and Abel
This password recovery software can recover passwords for Microsoft Windows user accounts and Microsoft Access passwords.
uses a graphical user interface, making it more user-friendly than comparable tools. The software uses dictionary lists and brute-force attack methods.
Ophcrack
This password cracker uses rainbow tables and brute-force attacks to crack passwords. It runs on Windows, macOS and Linux.
John the Ripper
This tool uses a dictionary list approach and is available primarily for macOS and Linux systems.
Be at least 12 characters long
The shorter a password is, the easier and faster it will be cracked.
Combine letters and a variety of characters
Using numbers and special characters, such as periods and commas, increases the number of possible combinations.
Avoid reusing a password
If a password is cracked, then a person with malicious intent could use that same password to easily access other password-protected accounts the victim owns.
Pay attention to password strength indicators
Some password-protected systems include a password strength meter, which is a scale that tells users when they have created a strong password.