Top ten password cracking techniques

Posted on 2 Dec 2011 at 14:12

Think your passwords are secure? Think again

If you want to ensure your password, and the data it protects, is as secure against hackers as possible then be sure to read The Ultimate Guide to Passwords in the upcoming issue of PC Pro, on sale next week.

In case you think you're safe from the attentions of such criminal types, or think they'd never be able to guess your password, perhaps you might be interested to learn just how wrong you are.

Here are the ten most common password cracking techniques in use:

1. Dictionary attack

This uses a simple file containing words that can, surprise surprise, be found in a dictionary. In other words, if you will excuse the pun, this attack uses exactly the kind of words that many people use as their password.

Cleverly grouping words together such as ‘letmein’ or ‘superadministratorguy’ will not prevent your password from being cracked this way - well, not for more than a few extra seconds.

2. Brute force attack

This method is similar to the dictionary attack but with the added bonus, for the hacker, of being able to detect non-dictionary words by working through all possible alpha-numeric combinations from aaa1 to zzz10.

It’s not quick, provided your password is over a handful of characters long, but it will uncover your password eventually. Brute force attacks can be shortened by throwing additional computing horsepower, in terms of both processing power - including harnessing the power of your video card GPU - and machine numbers, such as using distributed computing models and zombie botnets.

3. Rainbow table attack

A rainbow table is a list of pre-computed hashes - the numerical value of an encrypted password, used by most systems today - and that’s the hashes of all possible password combinations for any given hashing algorithm mind. The time it takes to crack a password using a rainbow table is reduced to the time it takes to look it up in the list.

Blogs

How a cheap graphics card could crack your password in under a second

However, the table itself will be huge and require some serious computing horse power to run, and it’s useless if the hash it is trying to find has been ‘salted’ by adding random characters to the password before applying the hashing algorithm.

There is talk of salted rainbow tables existing, but these would be so large as to be difficult to use in practise. They would likely only work with a predefined ‘random character’ set and password strings below 12 characters as the size of the table would be prohibitive to even state-level hackers otherwise.

4. Phishing

There's an easy way to hack: ask the user for his or her password. A phishing email leads the unsuspecting reader to a faked online banking, payment or other site in order to login and put right some terrible problem with their security.

Why bother going to the trouble of cracking the password when the user will happily give it you anyway?

5. Social engineering

Social engineering takes the whole ‘ask the user’ concept outside of the inbox that phishing tends to stick with and into the real world.

A favourite of the social engineer is to telephone an office posing as an IT security tech guy and simply ask for the network access password. You’d be amazed how often this works. Some even have the necessary gonads to don a suit and name badge before walking into a business to ask the receptionist the same question face to face.

1 2

Subscribe to PC Pro magazine. We'll give you 3 issues for £1 plus a free gift - click here

User comments

dictionary attack

Dictionary attack needs to clarified further as it really is about cracking passwords based on a list of words and these words can be anything at all! They are not necessarily words from dictionary in general sense. For example, ..#@$T$dp1f, can be considered a "dictionary word" if it appears in the list that is used to crack the passwords. There exists a dictionary with over 30 million entries http://dazzlepod.com/uniqpass/ that people have used to crack hundred of thousands of passwords in a matter of minutes! That's just one example. Simply put, I think password based systems are really not safe anymore these days..

By disclosure on 8 Dec 2011

A few suggestions....

Password reuse should be on the list. Doesn't everyone use the same username and password for all the sites they visit? The description of rainbow tables is wrong, they are a time memory tradeoff attack using precomputed tables of hash chains. A hash is reversed by calculating forward the hash chain to the end, the table then provides the start of that hash chain and it is calculated forward to the plaintext. The more storage space, the shorter the chains and the less effort each password takes. The number of characters in the password does not determine the size of the rainbow table and the difficulty introduced by long passwords depends mainly on implimentation. The primary factor is the number of bits in the hashing function which is the same for all lengths of password.

By Alexander on 10 Dec 2011