Authentication is the first step to measuring the security of a website, computer, and network. Various websites use a password-based authentication process to keep their users safe, even if you use password-based protection for your bank account, poker account, email account. etc. | Password Cracking | Therefore, before you make a decision and enter a site or domain, we recommend that you learn more about what the site offers and how safe you can be if you register.
These points determine the importance of the password, but what if someone finds out your username and password, than he/she can get full administrator access to your account. This is not a joke because passwords are on the hit list of hackers, an attacker can easily crack or even crack your password.
The most common types of attack for cracking a password are:
• Dictionary based attack
• Brute force attack
daily routine, your hobbies and so on, here is the list of the stuffs that an attacker usually use while trying to guess a password.
• Your name
• Your parent’s name
• Your children (s) name
• DOB (date of birth)
• Phone number
• Your love one name, number
• Your hobbies
• Your favorite star
• Your favorite singer/actor/actress/movie name/drama name
• Your city/country/town name
• And so on
Dictionary based and brute force attack requires a strong word-list that contain:
• Dictionary words
• Most common passwords
• Most famous places
• Common names
A smart cracker usually create a wordlist according to the victim information, there are so many tools are available on the Internet to crack a password like brutus and THC-hydra are the most common.
THC hydra is the fats and flexible password cracking tool that can crack different protocls like HTTP, FTP, Telnet etc.
A typical example of password cracking by using brutus is as follows:
• Your password must greater than 8 characters
• Your password must contain upper case and lower case alphabets
• Your password must contain some numbers
• Your password must have some special character
• Never use same password for different accounts
• Never use a password that is (are) related to you