automated password cracking uses algorithm to crack passwords automated password cracking provides attacker an ease and is quite faster than manual password cracking
- Dictionary attack
- In the dictionary attack , firstly the encryption algorithm uses is found
- The encrypted password is than obtained
- From the lists of password , each password is encrypted using the same encryption algorithm and matched with original encrypted password ( obtained in step 2 )
- It matches each encrypted password with original encrypted password, until the match is found
- If match is found it show the password else the procedure is repeated again.
Attack speed is around 250-300 words per second
- Lan Manager Hash
LM Hash is a algorithm
by which the password are encrypted .
Algorithm of LM HASH
- Suppose the password created is 234567xyzabcd_.
- Firstly , all the characters are converted into uppercase letters , i.e. 234567XYZABCD_.
- If the password is less than 14 characters in length , null is added until the length of 14.
- Now the password is split into half , i.e 234567X and YZABCD_.
- Each half is separately encrypted and the result is concatenated
- Now to crack the alpha-numeric part (first half ) it take more than 20 hours . whereas it takes less than 5 minutes to crack the alphabetic part (second half )
Salting is a prevention mechanism for the passwords it disables or prevents deriving of the passwords from the lists of passwords . in salting , the two different hashes may contain same passwords , hence the representation differs.