Monday, March 19, 2012

Explain the concepts of password cracking?

Password cracking is one of the most important and sought-after concepts in computer security and cryptanalysis. The term is self-explanatory: we can make out from the term itself that it is all about recovering passwords.

Passwords can be recovered from the data that is transmitted and stored by a computer system or network. To date, many approaches have been formulated for cracking passwords.

APPROACH FOR PASSWORD CRACKING

- The most common approach, which is still widely used, is repeatedly guessing the password until the right one is found.

- Nowadays passwords are best known for their use in the login process of various systems, such as operating systems, ATMs, cell phones, email accounts and so on.

- A password need not be a meaningful word; it can be anything, however silly, that is likely to be difficult for others to guess.

- There are many types of passwords, such as the passphrase (a password formed from more than one word) and the PIN (personal identification number, a numerical password).

- Passwords are also very vulnerable, since they are not as secure as their cryptographic counterparts, i.e., protocols.

- These days password theft, password spoofing, etc. are quite common.

FACTORS AFFECTING THE SECURITY OF PASSWORDS

- Any password-protected system is given protection against viruses, Trojans, etc.

- Physical security measures like shoulder surfing are also implemented.

- Less extreme measures are still very much in use, namely side-channel attacks, extortion and rubber-hose cryptanalysis.

- Password cracking does not always have a bad reason behind it.

- There can also be some reasonable and genuine causes for cracking a password.

- The password cracking process usually takes a long time, depending on the password's strength in bits.

- The measure of a password's strength in bits gives an indication of its information entropy.

- Many computer systems are now implementing these techniques.

- In some systems the cryptographic hash of the password is stored, which makes the password accessible to an attacker.

- The attacker can obtain the actual password from this hashed password value.

- Passwords with high guessing rates are commonly used in the cryptographic key generation process.

HOW IS PASSWORD CRACKING DONE?

- Put simply, password cracking is the recovery of passwords from the stored or transmitted data in a computer system.

- Passwords, whether easy to remember or hard to guess, always have a problem associated with them.

- A password that seems easy for the user to remember is often also easy for an attacker to crack.

- On the other hand, a difficult password is a contributing factor in reducing the security of the system, since it has to be physically written down and stored somewhere.

- In such cases the user tends to use the same password for a long time, or to reset it again and again whenever he/she forgets it.

- All of this makes a system vulnerable and calls for more stringent security checks on passwords.

- There are several measures to increase password strength, such as using a mixture of lower-case and upper-case letters, numbers and special characters.

- But such measures only make these passwords more difficult to memorise.

- The best measure to avoid such memory traps may be to design a personal algorithm for generating obscure passwords whenever you plan to change your password.
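The points above about a password's strength in bits and about mixing character classes can be made concrete with a short estimator. This is an added example, not code from the original post; the function names, the small common-password set and the guess rate are assumptions chosen for illustration.

```python
import math
import string

# Character classes named in the post: lower case, upper case, numbers, special characters.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

# Constructed sample of frequently chosen passwords (illustrative, not a real wordlist).
COMMON = {"password", "123456", "qwerty", "letmein"}


def pool_size(password):
    """Size of the alphabet an exhaustive search would have to cover."""
    size = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    # Characters outside the four classes (spaces, non-ASCII) are counted individually.
    extra = {ch for ch in password if not any(ch in c for c in CLASSES)}
    return size + len(extra)


def entropy_bits(password):
    """Upper-bound strength in bits: length * log2(pool size).

    Assumes every character was picked uniformly at random, which
    overestimates human-chosen passwords; known common choices score 0.
    """
    if not password or password.lower() in COMMON:
        return 0.0
    return len(password) * math.log2(pool_size(password))


def average_guess_seconds(bits, guesses_per_second):
    """Expected search time: half the search space divided by the guess rate."""
    return (2 ** bits) / 2 / guesses_per_second


if __name__ == "__main__":
    RATE = 1e9  # assumed guess rate, for illustration only
    samples = ("1234", "password", "sunshine", "Sunsh1ne!",
               "correct horse battery staple")
    for pw in samples:
        bits = entropy_bits(pw)
        secs = average_guess_seconds(bits, RATE)
        print(f"{pw!r:32} {bits:6.1f} bits  ~{secs:.3g} s")
```

The passphrase scores highest because length multiplies the bit count, while adding character classes only enlarges the pool inside the logarithm.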

