Password cracking

In cryptanalysis and computer security, password cracking is the process of guessing passwords[1] protecting a computer system. A common approach (brute-force attack) is to repeatedly try guesses for the password and to check them against an available cryptographic hash of the password.[2] Another type of approach is password spraying, which is often automated and occurs slowly over time in order to remain undetected, using a list of common passwords.[3]

The purpose of password cracking might be to help a user recover a forgotten password (due to the fact that installing an entirely new password would involve System Administration privileges), to gain unauthorized access to a system, or to act as a preventive measure whereby system administrators check for easily crackable passwords. On a file-by-file basis, password cracking is utilized to gain access to digital evidence to which a judge has allowed access, when a particular file's permissions restricted.

  1. ^ Cite error: The named reference :0 was invoked but never defined (see the help page).
  2. ^ Montoro, Massimiliano (2005). "Cain & Abel User Manual: Brute-Force Password Cracker". oxid.it (defunct). Archived from the original on June 7, 2019. Retrieved August 13, 2013.{{cite web}}: CS1 maint: unfit URL (link)
  3. ^ "What Is Password Spraying? How to Stop Password Spraying Attacks".