How can passwords be guessed or cracked?

Passwords are an important part of security systems, but we are security professionals and it is our duty to test the strength of passwords. So in this article we will learn different password strength checking methodologies.

– Hacknopedia

Guessing Passwords

This is the first thing to try: you have to guess what the password might be. For example, the most common passwords are 123456789, qwerty1234, admin, etc. Yes, this kind of password exists and will keep existing, because it doesn’t matter how tight the security is: one stupid human makes the whole system vulnerable.
Well, as the title suggests, you have to make an educated guess. Write down all the information you have about the target, which includes names, phone numbers, name of partner or pet, organization’s name, date of birth, etc., and then try to enter them with different variations.
Let me give you some real-life examples,
The password of my college’s WiFi is [email protected] where CCOC is the acronym (short form) of the Central College of Commerce.
One of my friends uses her phone as her password (I told her to change it, though).
The password of my friend’s computer is [email protected] (i.e. his name).
See? People use this kind of password because it is easy to remember, but it is easy to guess too, so it’s a good idea to try guessing the password first.

Dictionary Attack

Kind of an improved version of guessing. For this attack, we need a text file containing thousands/millions of passwords (or say common passwords). This file can be supplied to a password-cracking program and that program will try all the passwords one by one until one of them matches or the list ends. The file is often called a password list or a dictionary.
If you are thinking it must be time-consuming to try all those passwords then you probably don’t know sh!t about computers. Well, I can’t tell you how many passwords a computer can try in one second like the other blogs do, because it depends on a lot of factors: the processing power of your computer, the program you are using to crack, the program you are entering passwords into, your Internet speed (if you are cracking something online), etc. There are multiple collections of common passwords, or you can build your own using tools. One of the best collections of passwords can be found at this GitHub link.

Brute-Force Attack

Brute-forcing is a more intense approach to password cracking. A password-guessing program tries all possible combinations of the given character set for a particular length.
For example, if I know the password is 2 characters long (for the sake of simplicity) and contains only lowercase letters, I will supply this information to the cracking program and it will try all the possible combinations of letters, like aa, ab, ac … az, ba, bb, bc … and so on.
What’s good about a brute force attack? It’s guaranteed to crack the password.
What’s bad about a brute-force attack? It takes time, ranging from a couple of hours to 3 million years or more.
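Seen from the strength-testing side, the three methods above (guessing, dictionary, brute force) become three checks to run on a password before it is accepted. The following is an added example, not code from the original article; the tiny common-password set, the look-alike character mapping, the 60-bit threshold and all function names are assumptions made for illustration.

```python
import math
import string

# Constructed sample data: a tiny stand-in for a real common-password list.
COMMON = {"123456789", "qwerty1234", "admin"}
# Assumed mapping that undoes simple look-alike substitutions (@ -> a, 0 -> o ...).
LEET = str.maketrans("@$013457", "asoieast")

def normalize(text):
    """Lowercase the text and reverse the look-alike substitutions."""
    return text.lower().translate(LEET)

def keyspace_bits(password):
    """log2 of the brute-force search space for the character classes used."""
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation]
    size = sum(len(c) for c in classes if any(ch in c for ch in password))
    size = size or 256  # nothing from the four classes: assume byte-wide symbols
    return len(password) * math.log2(size)

def audit(password, personal_info, min_bits=60):
    """Return the reasons a password would fall to the three methods."""
    findings = []
    norm = normalize(password)
    # Guessing: does the password embed something known about the user?
    for item in personal_info:
        token = normalize(item)
        if len(token) >= 3 and token in norm:
            findings.append(f"guessable: contains '{item}'")
    # Dictionary: is it (or a look-alike spelling of it) on the common list?
    if norm in {normalize(c) for c in COMMON}:
        findings.append("dictionary: on common-password list")
    # Brute force: is the search space for its length and charset too small?
    bits = keyspace_bits(password)
    if bits < min_bits:
        findings.append(f"brute-force: only {bits:.0f} bits of search space")
    return findings

if __name__ == "__main__":
    # Constructed inputs: a pet name plus a year, and a long mixed passphrase.
    print(audit("Rex@2015", ["Rex", "2015-04-12"]))
    print(audit("plum-Vase-orbit-72-kite", ["Rex"]))
```

The two-letter lowercase case from the text comes out at about 9.4 bits (26 × 26 = 676 combinations), which is why length and character variety matter far more than a single symbol swap.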

How to crack a Hash of a password?

As we discussed earlier, hashes have become popular due to their one-way nature (which means they can’t be decrypted back into the password). We can still crack them, though, with a dictionary or brute-force attack. But imagine millions of passwords that each need to be hashed before they can be compared with the hash we are trying to crack. Yeah, it will take a long (long means long) time and a lot of resources too. That’s why we have some modern approaches to hash cracking.

Hash Tables

A hash table contains a lot of passwords, like a dictionary, but it also contains their hash values, so the program doesn’t have to convert each entry into a hash first. Once a hash from the hash table matches the target hash, the program looks up the corresponding plaintext value.
Thus it offers faster cracking and consumes less time. The size of a normal hash table is 30-40 GB.

Rainbow Tables

Rainbow Tables are nothing more than an optimized version of Hash Tables.
Optimized? Not really.
Rainbow Tables take less space compared to hash tables but password cracking is slower with a rainbow table than with a hash table.