Skip to main content

Brute force attack

Brute Force Attack is the most widely known password cracking method. This attack simply tries to use every possible character combination as a password. To recover a one-character password it is enough to try 26 combinations (‘a’ to ‘z’). It is guaranteed that you will find the password


.. but when? How long will it take? The two-character password will require 26*26=676 combinations. The number of possible combinations (and therefore required time) grows rapidly as the length of the password increases and this method quickly becomes useless. Do you ready to wait for two months while your 9-character password is cracked? What about one hundred years for an 11-character password? Besides the maximal length of the character set you should also specify the character set i.e. the list of characters that will be included in the combinations. The longer the character set is, the longer the required period of time is. Here is the problem: usually you have no idea of what characters are present in the password. On the one hand, you should specify all possible characters. On the other hand, this can slow things down very much. Unfortunately, there are no common ways to determine what character set to use. It is more a question of luck and intuition. The only thing I can recommend is to begin with trying short passwords using the fullcharacter set. Then you can increase the length of password simultaneously decreasing the character set to keep the required time good acceptable.

If the password is case sensitive (this is the most common situation), there is another problem with the case.



There are three options:



1) you can assume that the password was typed in lower case (this is most likely). In this case, the required time will stay the same but if the password contains upper case letters it will not be recovered.

2) you can try all combinations.



The password is guaranteed to be found, but the process slows down significantly. A 7-character lower case password requires about 4 hours to be recovered but if you would like to try all combinations of upper case and lower case letters, it will require 23 days. 3) The third method is trade-off. Only the most probable combinations are taken into consideration, for example "password", "PASSWORD" and "Password". The complicated combinations like "pAssWOrD" are not. In this particular case the process slows down to one third of original speed but there is still a possibility to fail.


You can reduce the amount of time required using faster computers (only the CPU speed is important. The amount of RAM, the performance of the hard drive and other hardware don’t affect thebrute force speed), using several computers, choosing the fastest password crackers or tuning the brute force parameters wisely and accurately.

Comments

Popular posts from this blog

How to find who is invisible or blocked you on Google Gtalk

So guys are you ready to know that which of your friend has blocked you on google talk. Whenever you noticed a contact in your Gtalk/Google Talk has not been online for some time, have it ever crossed your mind you’ve been blocked? If you are curious in finding out who actually blocked you in Gtalk, here’s a workaround you can try. This following method we attempt to show make use of a chat client call Pidgin. STEPS TO FIND WHO IS INVISIBLE OR BLOCKED YOU ON GOOGLE CHAT: 1. Download, Install Pidgin Click here to download Pidgin chat client. If you already have Pidgin installed, you may skip this step. 2. Configure Pidgin for GtalkYou’ll probably start with the below screen. Click the Add button. "Accounts -> Manage Account" will also bring you to the same screen. Let’s add Gtalk to Pidgin. Configure Pidgin Welcome Screen Clicking Add will allow you to add new Gtalk account. The following two screenshots show what you need to fill up for Basic and Advance tab, pay...

Secrets, Hints, Tips, And Tricks To Succeed In FarmVille on Facebook

12 days ago, I happened to look over someone's shoulder when they had FarmVille open. Before then, I had brushed it off as another lame community game I didn't have time for. It was at that time that I actually saw the game being played and decided to give it a shot. Over the last 12 days, I've been so successful at the game that I felt I just had to share some of what helped me rocket past many of my Facebook friends in the game. Grab a notepad or fire up the printer, because I have some great tips and tricks to help you do as well as I am in FarmVille. Just to prove my point, here's a screen shot of my farm from just minutes ago. Not bad for 12 days. Get some friends Yeah yeah. You have a lot of friends. But are they playing FarmVille? Some things (like acquiring more land) require certain amounts of friends. Make sure you engage some of your friends to be your FarmVille neighbors. If, like me, you don't want to spam people who hate all the...

How Adsense Changed the Internet

Ever since Google came up with the master idea that is AdSense, the web has transformed in a variety of ways no one would have ever suspected. Some of these are good changes others aren't. This is a small exploration of how a brilliant marketing scheme has taken the web by storm. It deals with the changes advertisers and publishers and even website visitors have undergone ever since AdSense has become a daily part of our on-line lives. Even before AdSense came out a lot of people were advertising through AdWords. It ensured a lot of publicity through getting your site listed at the top in Google search queries. It took away a lot of the pain and price of SEO and the large amount of time you had to wait until you were finally on top. It made launching a website, a realistic way to instant profitability instead of a long term strategy with no immediate returns. Through the use of AdSense, the possibility appeared of having your ads appear on just about any site on the Internet that h...