Password attacks
The two most common password attacks are the dictionary attack and the brute force attack; let's look at these in turn:
- Dictionary attack: For a dictionary attack, we could start by using all of the words in the Oxford English Dictionary and use that list to try and crack passwords, but it cannot crack misspelled names or passwords with special characters such as $ or % as they don't appear in a dictionary.
Which of the following passwords will a dictionary attack crack?
elasticityel@ST1cityfred123blueberry
It will crack elasticity and blueberry, but el@STcity is not spelt properly and has numbers and characters not in a dictionary, therefore it will fail. It was also not crack fred123 as it ends in numbers; a dictionary contains only letters.
- Brute force attack: Brute force will run through all of the different combinations of letters and characters and eventually will crack the password. the length of the password may slow down brute force but it will eventually be cracked...
