Password Crackers

What is a password cracker or password cracking?

A password cracker is a program that is used to identify or obtain an unknown or forgotten password to a computer, program, file or network resources. Password crackers use two primary methods to identify correct passwords: brute –force and dictionary searches. Brute-force runs through combinations of characters within a predetermined length until it finds the combination accepted by the computer system. The other method of password cracking uses a dictionary search for the correct password involving the use of dictionary files.

There are several password cracking programs that be downloaded for free from the internet:

Top 10 password cracking programs:

1.Cain and Abel

2. John the Ripper

3. THC Hydra

4. Aircrack

5. L0phtcrack

6. Airsnort

7. Solar Winds

8. Pwdump

9. RainbowCrack

10. Brutus

Rough Estimate Chart:

Password Length - All Characters - Only Lowercase

3 characters - 0.86 seconds - 0.02 seconds

4 characters - 1.36 minutes - 0.46 seconds

5 characters - 2.15 hours - 11.9 seconds

6 characters - 8.51 days - 5.15 minutes

7 characters - 2.21 years - 2.23 hours

8 characters - 2.10 centuries - 2.42 days

9 characters - 20 millennia - 2.07 months

10 characters - 1,899 millennia - 4.48 years

*Note: with current technology. This could change over the years. A good portion of password cracking actually involves using the graphics card.

Prevention:

  1. Ideally passwords should be over 8 characters long.
  2. They should use a combination of lower case letters, upper case letters, numbers, and symbols. The more random the password, the harder it is to crack.
  3. Update passwords oftenabout every 2-3 months.
  4. Never use common passwords that would be too easy too guess like god, love, password, 1234, qwerty, your partners name, child’s name, pet’s name, sports team, last 4 digits of your social security number, city, college, date of birth.
  5. Use different passwords for different places.
  6. Clear browser cookies and cache often. For instance you can set your browser options to clear cookies and cache once you close the browser window or you can use some freeware cleaning utilities like CCleaner.
  1. CAPTCHA is used on many websites which can help prevent password hacking/cracking.
  2. Logging failed attempts which after, for example,3 attempts can disable an account for a particular user or lock them out for a specified duration.
  3. Something similar to CAPTCHA which uses random images or text/numbers.