Scribd Logo
Upload

Welcome to Scribd!

  • Attacks On Passwords

    Uploaded by

    c3074474
    5 views1 page
    Social engineering techniques like phishing, shoulder surfing, and dumpster diving can allow an attacker to gain access to a computer and reset passwords. Password cracking can be done either online by continuously guessing passwords, or offline by stealing an encrypted password file and using techniques like brute force, dictionary attacks, and rainbow tables to crack passwords. The most common method of password attacks today involves attackers stealing an encrypted password file and cracking passwords offline.

    Original Description:

    Original Title

    Attacks on Passwords

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Social engineering techniques like phishing, shoulder surfing, and dumpster diving can allow an attacker to gain access to a computer and reset passwords. Password cracking can be done either online by continuously guessing passwords, or offline by stealing an encrypted password file and using techniques like brute force, dictionary attacks, and rainbow tables to crack passwords. The most common method of password attacks today involves attackers stealing an encrypted password file and cracking passwords offline.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    5 views1 page

    Attacks On Passwords

    Uploaded by

    c3074474
    Social engineering techniques like phishing, shoulder surfing, and dumpster diving can allow an attacker to gain access to a computer and reset passwords. Password cracking can be done either online by continuously guessing passwords, or offline by stealing an encrypted password file and using techniques like brute force, dictionary attacks, and rainbow tables to crack passwords. The most common method of password attacks today involves attackers stealing an encrypted password file and cracking passwords offline.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    Attacker gains physical

    Resetting access to computer and


    resets password

    Not really practical -


    Online guessing
    will take TOO long

    Phishing, shoulder
    surfing, dumpster Social engineering
    diving

    Keylogger, protocol
    analyser (e.g.,
    Wireshark)
    Capturing
    Method used by most
    Man-in-the-middle and password attacks today
    replay attacks Attacks on Passwords

    Compare with
    Attackers steal file with
    Substituting letters/ encrypted passwords
    encrypted password
    placing numbers within they have created
    words
    Offline cracking
    Every possible
    Spelling words combination of letters,
    backwards numbers, and
    Slightly alter dictionary
    Hybrid attack 1. Brute force characters used to
    words
    create encrypted
    Slightly misspelling passwords and matched
    words against stolen file
    Offline cracking types:

    Including special Attacker creates


    characters encrypted versions of
    common dictionary
    2. Dictionary attack
    words, Compares
    against stolen password
    Large pre-generated file
    data set of encrypted
    passwords

    Used for reversing


    cryptographic hash
    Rainbow tables functions

    Used in recovering a
    plaintext password up
    to a certain length
    consisting of a limited
    set of characters

    You might also like