An Overview of IT Security Threats and Attacks

1,048 bytes added, 19:33, 14 February 2008
== Dictionary Password Attacks ==
 
Dictionary password attacks take advantage of the fact that many users rely on easy-to-remember words as their passwords. A dictionary attack works through a list of words from a dictionary to see whether any of them is a valid password. Such brute force programs also take into account tricks such as using the number 3 instead of the letter 'e' and the number 1 in place of the letter 'l'.
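
The same idea can be applied defensively. The following is an added example, not part of the original article: a check run when a user sets a password, which rejects the candidate if undoing the letter/number substitutions yields a dictionary word. The wordlist is a small constructed sample, and every substitution other than 3/e and 1/l is an assumption.

```python
from itertools import product

# Substitutions named in the text (3 -> e, 1 -> l); the others are assumed extras.
SUBSTITUTIONS = {
    "3": "e",
    "1": "li",  # '1' may stand for 'l' (from the text) or 'i' (assumption)
    "0": "o",   # assumption
    "@": "a",   # assumption
    "$": "s",   # assumption
}

# Constructed sample wordlist; a real deployment would load a large dictionary.
SAMPLE_WORDLIST = {"hello", "letmein", "password", "wireless", "secret"}

# Upper bound on readings tried for passwords with many ambiguous characters.
MAX_VARIANTS = 4096


def normalized_variants(password):
    """Yield each lowercase reading of the password with substitutions undone."""
    choices = [SUBSTITUTIONS.get(ch, ch) for ch in password.lower()]
    total = 1
    for options in choices:
        total *= len(options)
    if total > MAX_VARIANTS:
        # Too many combinations: fall back to the first reading of each character.
        choices = [options[0] for options in choices]
    for combo in product(*choices):
        yield "".join(combo)


def is_dictionary_password(password, wordlist=SAMPLE_WORDLIST):
    """Return the dictionary word the password reduces to, or None."""
    for variant in normalized_variants(password):
        if variant in wordlist:
            return variant
    return None


if __name__ == "__main__":
    for candidate in ["h3llo", "w1re1ess", "P@$$w0rd", "correct-horse-7Gq"]:
        match = is_dictionary_password(candidate)
        verdict = f"rejected (matches '{match}')" if match else "accepted"
        print(f"{candidate!r}: {verdict}")
```
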
 
== Password Cracking ==
 
Computer systems typically store the passwords that allow access to the system in a password file which is cryptographically protected from prying eyes. A number of password cracking programs are available for extracting the passwords from a password file. Some examples are the ''Crack'', ''John the Ripper'' and ''L0phtCrack'' programs, each of which attempts to decrypt password files. Obviously, the best way to keep such programs from being run is to prevent the password file from falling into the wrong hands and to monitor systems carefully to ensure unauthorized programs are not running.