Password attacks

The two most common password attacks are the dictionary attack and the brute force attack; let's look at these in turn:

  • Dictionary attack: For a dictionary attack, we could start by using all of the words in the Oxford English Dictionary and use that list to try and crack passwords, but it cannot crack misspelled names or passwords with special characters such as $ or % as they don't appear in a dictionary.

Which of the following passwords will a dictionary attack crack?

  • elasticity
  • el@ST1city
  • fred123
  • blueberry

It will crack elasticity and blueberry, but el@STcity is not spelt properly and has numbers and characters not in a dictionary, therefore it will fail. It was also not crack fred123 as it ends in numbers; a dictionary ...

Get CompTIA Security+ Certification Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.