Saturday 24 September 2011

Tutorial on Password guessing attack

Tutorial on Password guessing attack

Passwords are used in every system for authentication of a user. Password is a set of symbol asssociated with a user. Password guessing attack is a type of attack in which an attacker tries to gain access of a system or network with a guessed password. Guessing a password is very simple type of attack but it is most effective if you know about the victim. The latest form of password guessing attack is carried out by automated tools which guess and try the password again and again to get the access of a system.
If you are doing it without any tool, you can try some information of users as a password which are generally taken as a passowrd. such as mobile number, birthday, name of gf/bf, birthday. So if you use this type of passwords then you can be hacked easily by a simple guess.

Password guessing attacks can be classified into two.

Brute Force Attack: A Brute Force attack is a type of password guessing attack and it consists of trying every possible code, combination, or password until you find the correct one. This type of attack may take long time to complete. A complex password can make the time for identifying the password by brute force long.
Dictionary Attack: A dictionary attack is another type of password guessing attack which uses a dictionary of common words to identify the user’s password.

We also have hybrid attacks, which append, prepend, or insert numerical (0-9) and special (!@#$%*, etc.) characters to dictionary terms. Passwords guessed at this level might be something like "129good45guess" or "pa55w0rd."'

A short and simple tutorial.. comment if any question


Post a Comment

Related Posts Plugin for WordPress, Blogger...