Time to crack

Tactics

Combinations used

10 sec

A lot of people choose things that have some personal meaning to them, because they are instantly memorable. And, of course, easy to guess by anyone.

- names of people, pets and places;

- favorite things - football teams, foods etc.;

- words of things related to their work or computer use - monitor, book titles, 'password' etc.

1 min

Dictionary words in English or other likely localized languages,

- based on dictionaries.
10 min
Some people use one of the above and alter it in a predictable manner. Again easy to guess by anyone.

- adding numbers (chocolate14);

- changing letters to numbers (ch0c01ate);

- changing letters to symbols ( choco!@te );

- spelling words backwards ( etalocohc ).

2 weeks
Strong password with all possible combinations. These passwords are hard to crack, but also hard to remember by the user. So they ends up on a sticky pad around thier desk - which defeats the purpose of having a complex password.

- all possible combinations.

( X$y3#5w )

 

Here are some conclusions:

  • You will never be able to achieve one hundred percent security;
  • However, your choice of password determines how much time and effort a hacker has to invest to break into your system.
  • For network administrators, dealing with password maintenance could become a nightmare.
  • In a way, the situation is similar to securing your house against burglars - you will never achieve perfect security, but you can make it so difficult for burglars to get in that they give up and try somebody else's house instead.
  • Best soution = Use biometric technology and very strong passwords.

 

Top

How they crack your password

Imagine the situation:

They are trying to break into your computer, for which they need to know your password.

You have an Internet or internal network connection(s), so they can use password cracking scheme over your connected network.

They also use computer that does most of the work by having it try out all possible passwords according to some strategy they supply. Passwords are combination of up to 19 characters, made up of letters, numbers and special symbols. This means there is an enormous number of possible passwords. However, with a computer and the Password-Cracking software [that can be freely downloaded from internet by anyone], it would take them under two weeks to try out all possible combinations and succeed.

The following table will give you an idea of the tactics and the amount of time it takes for an intruder to learn your password(s).