Password cracking
{{Short description|Recovering passwords stored or transmitted by computer systems}}
{{Use mdy dates|date=April 2025}}

In cryptanalysis and [[computer security]], '''password cracking''' is the process of guessing passwords<ref name=":0"/> protecting a [[computer system]]. A common approach ([[brute-force attack]]) is to repeatedly try guesses for the password and to check them against an available [[cryptographic hash function|cryptographic hash]] of the password.<ref name="MM1">{{cite web |last=Montoro |first=Massimiliano |title=Cain & Abel User Manual: Brute-Force Password Cracker |website=oxid.it (defunct) |year=2005 |url=http://www.oxid.it/ca_um/topics/brute-force_password_cracker.htm |access-date=August 13, 2013 |url-status=unfit |archive-url=https://web.archive.org/web/20190607000927/http://www.oxid.it/ca_um/topics/brute-force_password_cracker.htm |archive-date=June 7, 2019}}</ref> Another type of approach is '''password spraying''', which is often automated and occurs slowly over time in order to remain undetected, using a list of common passwords.<ref>{{cite web |url=https://auth0.com/blog/what-is-password-spraying-how-to-stop-password-spraying-attacks/ |title=What Is Password Spraying? How to Stop Password Spraying Attacks}}</ref>

The purpose of password cracking might be to help a user recover a forgotten password (because installing an entirely new password would involve system administration privileges), to gain unauthorized access to a system, or to act as a preventive measure whereby [[system administrator]]s check for easily crackable passwords. On a file-by-file basis, password cracking is utilized to gain access to digital evidence to which a judge has allowed access, when a particular file's permissions are restricted.

==Time needed for password searches==
The time to crack a password is related to bit strength, which is a measure of the password's [[entropy (information theory)|entropy]], and the details of how the password is stored. 
Most methods of password cracking require the computer to produce many candidate passwords, each of which is checked. One example is [[brute-force attack|brute-force]] cracking, in which a computer tries ''every'' possible key or password until it succeeds. With multiple processors, this time can be optimized through searching from the last possible group of symbols and the beginning at the same time, with other processors being placed to search through a designated selection of possible passwords.<ref>{{cite journal |last1=Bahadursingh |first1=Roman |title=A Distributed Algorithm for Brute Force Password Cracking on n Processors |date=January 19, 2020 |doi=10.5281/zenodo.3612276 |url=https://zenodo.org/record/3612276}}</ref> More common methods of password cracking, such as [[dictionary attack]]s, pattern checking, and variations of common words, aim to optimize the number of guesses and are usually attempted before brute-force attacks. Higher password bit strength exponentially increases the number of candidate passwords that must be checked, on average, to recover the password and reduces the likelihood that the password will be found in any cracking dictionary.<ref name="SS1">{{cite web |last=Lundin |first=Leigh |title=PINs and Passwords, Part 2 |website=SleuthSayers.org |location=Orlando |date=August 11, 2013 |url=https://www.sleuthsayers.org/2013/08/pins-and-passwords-part-2.html}}</ref> The ability to crack passwords using computer programs is also a function of the number of possible passwords per second which can be checked. If a hash of the target password is available to the attacker, this number can be in the billions or trillions per second, since an ''offline attack'' is possible. If not, the rate depends on whether the authentication software limits how often a password can be tried, either by time delays, [[CAPTCHA]]s, or forced lockouts after some number of failed attempts. 
Another situation where quick guessing is possible is when the password is used to form a [[cryptographic key]]. In such cases, an attacker can quickly check to see if a guessed password successfully decodes encrypted data. For some kinds of password hash, ordinary desktop computers can test over a hundred million passwords per second using password cracking tools running on a general purpose CPU and billions of passwords per second using GPU-based password cracking tools<ref name=":0">[http://hashcat.net/oclhashcat-lite/ oclHashcat-lite – advanced password recovery]. Hashcat.net. Retrieved on January 31, 2013.</ref><ref name="bugcharmer">Alexander, Steven. (June 20, 2012) [https://bugcharmer.blogspot.com/2012/06/how-long-should-passwords-be.html The Bug Charmer: How long should passwords be?]. Bugcharmer.blogspot.com. Retrieved on January 31, 2013.</ref><ref>[http://blog.cryptohaze.com/2012/07/154-billion-ntlmsec-on-10-hashes.html Cryptohaze Blog: 154 Billion NTLM/sec on 10 hashes]. Blog.cryptohaze.com (July 15, 2012). Retrieved on January 31, 2013.</ref> {{xref|(see [[John the Ripper]] benchmarks)}}.<ref>[http://openwall.info/wiki/john/benchmarks John the Ripper benchmarks]. openwall.info (March 30, 2010). Retrieved on January 31, 2013.</ref> The rate of password guessing depends heavily on the cryptographic function used by the system to generate password hashes. A suitable password hashing function, such as [[bcrypt]], is many orders of magnitude better than a naive function like simple [[MD5]] or [[Secure Hash Algorithm|SHA]]. A user-selected eight-character password with numbers, mixed case, and symbols, with commonly selected passwords and other dictionary matches filtered out, reaches an estimated 30-bit strength, according to NIST. 
2<sup>30</sup> is only one billion permutations<ref>{{Cite report |url=https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-63ver1.0.2.pdf |title=Electronic authentication guideline |last=Burr |first=W E |last2=Dodson |first2=D F |date=2006 |publisher=National Institute of Standards and Technology |issue=NIST SP 800-63v1.0.2 |doi=10.6028/nist.sp.800-63v1.0.2 |location=Gaithersburg, MD |language=en |last3=Polk |first3=W T}}</ref> and would be cracked in seconds if the hashing function were naive. When ordinary desktop computers are combined in a cracking effort, as can be done with [[botnet]]s, the capabilities of password cracking are considerably extended. In 2002, [[distributed.net]] successfully found a 64-bit [[RC5]] key in four years, in an effort which included over 300,000 different computers at various times, and which generated an average of over 12 billion keys per second.<ref name=distributed>{{cite web |title=64-bit key project status |publisher=Distributed.net |access-date=March 27, 2008 |url=https://stats.distributed.net/projects.php?project_id=5 |url-status=dead |archive-url=https://web.archive.org/web/20130910051812/http://stats.distributed.net/projects.php?project_id=5 |archive-date=September 10, 2013}}</ref> [[Graphics processing unit]]s can speed up password cracking by a factor of 50 to 100 over general purpose computers for specific hashing algorithms. As an example, in 2011, available commercial products claimed the ability to test up to 2,800,000,000 [[NTLM]] passwords a second on a standard desktop computer using a high-end graphics processor.<ref name=elcomsoft>{{cite web |url=http://www.elcomsoft.com/eprb.html#gpu |title=Password Recovery Speed table |publisher=[[ElcomSoft]] |accessdate=February 1, 2011 |archive-url=https://web.archive.org/web/20110221191727/http://www.elcomsoft.com/eprb.html#gpu |archive-date=2011-02-21}}</ref> Such a device can crack a 10-letter single-case password in one day. 
The work can be distributed over many computers for an additional speedup proportional to the number of available computers with comparable GPUs. However, some algorithms run slowly, or are even specifically designed to run slowly, on GPUs. Examples are [[Data Encryption Standard|DES]], [[Triple DES]], [[bcrypt]], [[scrypt]], and [[Argon2]].

Hardware acceleration in a [[graphics processing unit|GPU]] has enabled resources to be used to increase the efficiency and speed of a brute force attack for most hashing algorithms. In 2012, Stricture Consulting Group unveiled a 25-GPU cluster that achieved a brute force attack speed of 350 billion guesses of NTLM passwords per second, allowing them to check <math display="inline">95^8</math> password combinations in 5.5 hours, enough to crack all 8-character alpha-numeric-special-character passwords commonly used in enterprise settings. Using ocl-[[Hashcat]] Plus on a Virtual [[OpenCL]] cluster platform,<ref>{{cite web |url=https://mosix.cs.huji.ac.il/txt_vcl.html/ |title=VCL Cluster Platform |website=mosix.cs.huji.ac.il}}</ref> the Linux-based [[GPU cluster]] was used to "crack 90 percent of the 6.5 million password hashes belonging to users of LinkedIn".<ref>{{cite web |url=https://arstechnica.com/information-technology/2012/12/25-gpu-cluster-cracks-every-standard-windows-password-in-6-hours/ |title=25-GPU cluster cracks every standard Windows password in <6 hours |year=2012}}</ref>

For some specific hashing algorithms, CPUs and GPUs are not a good match. Purpose-made hardware is required to run at high speeds. Custom hardware can be made using [[FPGA]] or [[application-specific integrated circuit|ASIC]] technology. Development for both technologies is complex and (very) expensive. In general, FPGAs are favorable in small quantities, while ASICs are favorable in (very) large quantities and are more energy efficient and faster. In 1998, the [[Electronic Frontier Foundation]] (EFF) built a dedicated password cracker using ASICs. 
Their machine, [[EFF DES cracker|Deep Crack]], broke a DES 56-bit key in 56 hours, testing over 90 billion keys per second.<ref name=EFF-deep-crack>{{cite web |title=EFF DES Cracker machine brings honesty to crypto debate |publisher=EFF |url=http://w2.eff.org/Privacy/Crypto/Crypto_misc/DESCracker/HTML/19980716_eff_descracker_pressrel.html |access-date=June 7, 2020 |url-status=dead |archive-url=https://web.archive.org/web/20100101001853/http://w2.eff.org/Privacy/Crypto/Crypto_misc/DESCracker/HTML/19980716_eff_descracker_pressrel.html |archive-date=January 1, 2010}}</ref> In 2017, leaked documents showed that ASICs were used for a military project that had a potential to code-break many parts of the Internet communications with weaker encryption.<ref>{{cite web |title=NYU Accidentally Exposed Military Code-breaking Computer Project to Entire Internet |last1=Biddle |first1=Sam |date=May 11, 2017 |website=The Intercept |url=https://theintercept.com/2017/05/11/nyu-accidentally-exposed-military-code-breaking-computer-project-to-entire-internet/}}</ref> Since 2019, John the Ripper supports password cracking for a limited number of hashing algorithms using FPGAs.<ref>{{cite web |url=https://www.openwall.com/lists/announce/2019/05/14/1 |title=announce - [openwall-announce] John the Ripper 1.9.0-jumbo-1 |website=openwall.com}}</ref> Commercial companies are now using FPGA-based setups for password cracking.<ref>{{cite web |url=https://scatteredsecrets.medium.com/bcrypt-password-cracking-extremely-slow-not-if-you-are-using-hundreds-of-fpgas-7ae42e3272f6 |title=Bcrypt password cracking extremely slow? 
Not if you are using |website=Medium|date=September 8, 2020 }}</ref>

==Easy to remember, hard to guess==
Passwords that are difficult to remember will reduce the security of a system because:
* users might need to write down or electronically store the password using an insecure method,
* users will need frequent password resets, and
* users are more likely to re-use the same password.

Similarly, the more stringent the requirements for password strength, e.g. "have a mix of uppercase and lowercase letters and digits" or "change it monthly", the greater the degree to which users will subvert the system.<ref>[https://web.archive.org/web/20110126220702/http://all.net/journal/netsec/1997-09.html Managing Network Security]. Fred Cohen & Associates. All.net. Retrieved on January 31, 2013.</ref>

In "The Memorability and Security of Passwords",<ref>{{cite journal |url=https://prof-jeffyan.github.io/jyan_ieee_pwd.pdf |title=Password Memorability and Security: Empirical Results |doi=10.1109/MSP.2004.81 |year=2004 |last1=Yan |first1=J. |last2=Blackwell |first2=A. |last3=Anderson |first3=R. |last4=Grant |first4=A. |journal=IEEE Security & Privacy Magazine |volume=2 |issue=5 |pages=25 |s2cid=206485325}}</ref> Jeff Yan ''et al.'' examine the effect of advice given to users about a good choice of password. They found that passwords based on thinking of a phrase and taking the first letter of each word are just as memorable as naively selected passwords, and just as hard to crack as randomly generated passwords.

Combining two unrelated words is another good method. Having a personally designed "[[algorithm]]" for generating obscure passwords is another good method. However, asking users to remember a password consisting of a "mix of uppercase and lowercase characters" is similar to asking them to remember a sequence of bits: hard to remember, and only a little bit harder to crack (e.g. 
only 128 times harder to crack for 7-letter passwords, less if the user simply capitalizes one of the letters). Asking users to use "both letters and digits" will often lead to easy-to-guess substitutions such as 'E' → '3' and 'I' → '1': substitutions which are well known to attackers. Similarly, typing the password one keyboard row higher is a common trick known to attackers.

Research detailed in an April 2015 paper by several professors at [[Carnegie Mellon University]] shows that people's choices of password structure often follow several known patterns. For example, when password rules require a long minimum length such as 16 characters, people tend to repeat characters or even entire words within their passwords.<ref name="Steinberg">{{cite news |title=New Technology Cracks 'Strong' Passwords – What You Need To Know |url=https://www.forbes.com/sites/josephsteinberg/2015/04/21/new-technology-cracks-long-complex-passwords-what-you-need-to-know/ |work=Forbes |first=Joseph |last=Steinberg |date=April 21, 2015}}</ref> As a result, passwords may be much more easily cracked than their mathematical probabilities would otherwise indicate. Passwords containing one digit, for example, disproportionately include it at the end of the password.<ref name="Steinberg"/>

==Incidents==
On July 16, 1998, [[CERT Coordination Center|CERT]] reported an incident where an attacker had found 186,126 encrypted passwords. By the time the breach was discovered, 47,642 passwords had already been cracked.<ref name="CERT IN-98.03">{{cite web |title=CERT IN-98.03 |url=http://www.cert.org/incident_notes/IN-98.03.html |access-date=September 9, 2009 |url-status=dead |archive-url=https://web.archive.org/web/20100709212628/http://www.cert.org/incident_notes/IN-98.03.html |archive-date=2010-07-09}}</ref>

In December 2009, a major password breach of [[RockYou|Rockyou.com]] occurred that led to the release of 32 million passwords. 
The attacker then leaked the full list of the 32 million passwords (with no other identifiable information) to the internet. Passwords were stored in [[Plaintext|cleartext]] in the database and were extracted through an [[SQL injection]] vulnerability. The [[Imperva]] Application Defense Center (ADC) did an analysis on the strength of the passwords.<ref name=":1">{{cite web |title=Consumer Password Worst Practices |website=Imperva.com |url=https://www.imperva.com/docs/gated/WP_Consumer_Password_Worst_Practices.pdf}}</ref> Some of the key findings were:
* about 30% of users chose passwords whose length was below seven characters,
* almost 60% of users chose their passwords from a limited set of alpha-numeric characters, and
* nearly 50% of users used names, slang words, dictionary words, or trivial passwords that employed weak constructs such as consecutive digits and/or adjacent keyboard {{nowrap|keys{{hsp}}{{mdash}}}}{{hsp}}case in point, the most common password among RockYou account owners was simply “123456”.<ref name=":1" />

In June 2011, [[NATO]] (North Atlantic Treaty Organization) suffered a security breach that led to the public release of first and last names, usernames, and passwords of more than 11,000 registered users of their e-bookshop. The data were leaked as part of [[Operation AntiSec]], a movement that includes [[Anonymous (group)|Anonymous]], [[LulzSec]], and other hacking groups and individuals.<ref>{{cite web |title=NATO Hack Attack |website=[[The Register]] |url=https://www.theregister.com/2011/06/24/nato_hack_attack/ |access-date=July 24, 2011}}</ref>

On July 11, 2011, [[Booz Allen Hamilton]], a large American consulting firm that does a substantial amount of work for [[the Pentagon]], had its servers hacked by [[Anonymous (group)|Anonymous]], and the data were leaked the same day. 
"The leak, dubbed 'Military Meltdown Monday', includes 90,000 logins of military personnel—including personnel from [[United States Central Command|USCENTCOM]], [[United States Special Operations Command|SOCOM]], the [[United States Marine Corps|Marine Corps]], various [[United States Air Force|Air Force]] facilities, [[Homeland Security]], [[United States State Department|State Department]] staff, and what looks like private-sector contractors."<ref>{{cite web |url=https://gizmodo.com/anonymous-leaks-90-000-military-email-accounts-in-lates-5820049 |title=Anonymous Leaks 90,000 Military Email Accounts in Latest Antisec Attack |date=July 11, 2011}}</ref> These leaked passwords were found to be hashed with [[salt (cryptography)|unsalted]] [[SHA-1]], and were later analyzed by the ADC team at [[Imperva]], revealing that even some military personnel used passwords as weak as "1234".<ref>{{cite web |title=Military Password Analysis |date=July 12, 2011 |website=Imperva.com |url=https://www.imperva.com/blog/military-password-analysis/}}</ref> On July 18, 2011, Microsoft Hotmail banned the password: "123456".<ref>{{cite web |title=Microsoft's Hotmail Bans 123456 |website=Imperva.com |date=July 18, 2011 |url=http://blog.imperva.com/2011/07/microsofts-hotmail-bans-123456.html |url-status=dead |archive-url=https://web.archive.org/web/20120327010416/http://blog.imperva.com/2011/07/microsofts-hotmail-bans-123456.html |archive-date=March 27, 2012}}</ref> In July 2015, a group calling itself "The Impact Team" [[Ashley Madison data breach|stole the user data of Ashley Madison]].<ref>{{cite web |title=Ashley Madison: Hackers Dump Stolen Dating Site Data |url=https://www.bankinfosecurity.com/ashley-madison-hackers-dump-stolen-dating-site-data-a-8484 |access-date=April 11, 2021 |website=bankinfosecurity.com |language=en}}</ref> Many passwords were hashed using both the relatively strong [[bcrypt]] algorithm and the weaker [[MD5]] hash. 
Attacking the latter algorithm allowed some 11 million plaintext passwords to be recovered by password cracking group CynoSure Prime.<ref>{{cite web |title=Researchers Crack 11 Million Ashley Madison Passwords |url=https://www.bankinfosecurity.com/researchers-crack-11-million-ashley-madison-passwords-a-8528 |access-date=April 11, 2021 |website=bankinfosecurity.com |language=en}}</ref>

==Prevention==
One method of preventing a password from being cracked is to ensure that attackers cannot get access even to the hashed password. For example, on the [[Unix]] [[operating system]], hashed passwords were originally stored in a publicly accessible file <code>/etc/passwd</code>. On modern Unix (and similar) systems, on the other hand, they are stored in the [[shadow password]] file <code>/etc/shadow</code>, which is accessible only to programs running with enhanced privileges (i.e., "system" privileges). This makes it harder for a malicious user to obtain the hashed passwords in the first instance; however, many collections of password hashes have been stolen despite such protection. 
And some common network protocols transmit passwords in cleartext or use weak challenge/response schemes.<ref>{{cite journal |title=No Plaintext Passwords |journal=Login |date=November 2001 |volume=26 |issue=7 |pages=83–91 |author=Singer, Abe |url=https://www.usenix.org/system/files/login/issues/login_nov_2001.pdf |url-status=live |archive-url=https://web.archive.org/web/20060924002626/http://www.usenix.org/publications/login/2001-11/pdfs/singer.pdf |archive-date=September 24, 2006}}</ref><ref>{{cite web |url=https://www.schneier.com/academic/archives/1998/11/cryptanalysis_of_mic.html |title=Cryptanalysis of Microsoft's Point-to-Point Tunneling Protocol |website=Schneier.com |date=July 7, 2011 |accessdate=January 31, 2013}}</ref> The use of [[salt (cryptography)|salt]], a random value unique to each password that is incorporated in the hashing, prevents multiple hashes from being attacked simultaneously and also prevents the creation of pre-computed dictionaries such as [[rainbow table]]s. Another approach is to combine a site-specific secret key with the password hash, which prevents plaintext password recovery even if the hashed values are purloined. However [[privilege escalation]] attacks that can steal protected hash files may also expose the site secret. 
A third approach is to use [[key derivation function]]s that reduce the rate at which passwords can be guessed.<ref>{{cite journal |title=SP 800-63B-3 – Digital Identity Guidelines: Authentication and Lifecycle Management |publisher=NIST |date=June 2017 |last=Grassi |first=Paul A |doi=10.6028/NIST.SP.800-63b |doi-access=free |url=https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63b.pdf}}</ref>{{rp|5.1.1.2}} Modern Unix Systems have replaced the traditional [[Data Encryption Standard|DES]]-based password hashing function [[Crypt (C)|crypt()]] with stronger methods such as [[crypt (C)|crypt-SHA]], [[bcrypt]], and [[scrypt]].<ref>[http://www.usenix.org/events/usenix99/provos.html A Future-Adaptable Password Scheme]. Usenix.org (March 13, 2002). Retrieved on January 31, 2013.</ref> Other systems have also begun to adopt these methods. For instance, the Cisco IOS originally used a reversible [[Vigenère cipher]] to encrypt passwords, but now uses md5-crypt with a 24-bit salt when the "enable secret" command is used.<ref>[http://c3rb3r.openwall.net/mdcrack/download/FAQ-18.txt MDCrack FAQ 1.8]. None. Retrieved on January 31, 2013.</ref> These newer methods use large salt values which prevent attackers from efficiently mounting offline attacks against multiple user accounts simultaneously. The algorithms are also much slower to execute which drastically increases the time required to mount a successful offline attack.<ref name="usenix.org">[http://www.usenix.org/publications/login/2004-06/pdfs/alexander.pdf Password Protection for Modern Operating Systems]. Usenix.org. Retrieved on January 31, 2013.</ref> Many hashes used for storing passwords, such as [[MD5]] and the [[Secure Hash Algorithm (disambiguation)|SHA]] family, are designed for fast computation with low memory requirements and efficient implementation in hardware. Multiple instances of these algorithms can be run in parallel on [[graphics processing unit]]s (GPUs), speeding cracking. 
As a result, fast hashes are ineffective in preventing password cracking, even with salt. Some [[key stretching]] algorithms, such as [[PBKDF2]] and [[crypt (C)|crypt-SHA]], iteratively calculate password hashes and can significantly reduce the rate at which passwords can be tested, if the iteration count is high enough. Other algorithms, such as [[scrypt]], are [[memory-hard function|memory-hard]], meaning they require relatively large amounts of memory in addition to time-consuming computation and are thus more difficult to crack using GPUs and custom integrated circuits.

In 2013 a long-term [[Password Hashing Competition]] was announced to choose a new, standard algorithm for password hashing,<ref>{{cite web |title=Password Hashing Competition |url=https://www.password-hashing.net/cfh.html |access-date=March 3, 2013 |url-status=dead |archive-url=https://web.archive.org/web/20130902044128/https://password-hashing.net/call.html |archive-date=September 2, 2013}}</ref> with [[Argon2]] chosen as the winner in 2015. Another algorithm, [[Balloon hashing|Balloon]], is recommended by [[National Institute of Standards and Technology|NIST]].<ref>{{cite web |url=https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63b.pdf |title=NIST SP800-63B Section 5.1.1.2 |website=nvlpubs.nist.gov}}</ref> Both algorithms are memory-hard.

Solutions like a [[security token]] give a {{Clarify | text = [[formal proof]] answer| date = June 2024 | reason = Unclear what this means. Details not in the security token article either.}} by constantly shifting the password. Those solutions abruptly reduce the timeframe available for [[brute-force attack|brute forcing]] (the attacker needs to break and use the password within a single shift) and they reduce the value of stolen passwords because of their short validity period. 
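
The salting and key-stretching measures described in this section can be seen side by side in the following added example (not part of the original article). The iteration count, the `scheme$iterations$salt$hash` record layout, and the sample accounts are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

# Assumed policy values for this example; tune the work factor to your own hardware.
PBKDF2_ITERATIONS = 200_000
MAX_ITERATIONS = 10_000_000   # refuse absurd stored values (CPU-exhaustion guard)
SALT_BYTES = 16
SCHEME = "pbkdf2_sha256"      # hypothetical record label, not a standard format

# Constructed sample data: two users happen to pick the same weak password.
SAMPLE_ACCOUNTS = {"alice": "123456", "bob": "123456", "carol": "correct horse"}


def fast_unsalted(password):
    """The weak storage the article describes: a single fast, unsalted SHA-1."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def hash_password(password, iterations=PBKDF2_ITERATIONS):
    """Return 'scheme$iterations$salt_hex$hash_hex' using a fresh random salt."""
    salt = os.urandom(SALT_BYTES)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join([SCHEME, str(iterations), salt.hex(), dk.hex()])


def _parse(stored):
    """Split a stored record; raise ValueError on anything malformed."""
    scheme, iters, salt_hex, hash_hex = stored.split("$")
    iterations = int(iters)
    if scheme != SCHEME or not 1 <= iterations <= MAX_ITERATIONS:
        raise ValueError("unsupported record")
    return iterations, bytes.fromhex(salt_hex), bytes.fromhex(hash_hex)


def verify_password(password, stored):
    """Recompute with the record's own salt and cost; compare in constant time."""
    try:
        iterations, salt, expected = _parse(stored)
    except ValueError:
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(dk, expected)


def needs_rehash(stored, minimum=PBKDF2_ITERATIONS):
    """True when a record is malformed or was created below the current work factor."""
    try:
        iterations, _, _ = _parse(stored)
    except ValueError:
        return True
    return iterations < minimum


def shared_hash_accounts(table):
    """Audit helper: group accounts whose stored values are byte-for-byte identical.

    With unsalted hashes every group is a set of accounts that fall to one guess.
    """
    groups = {}
    for user, value in table.items():
        groups.setdefault(value, []).append(user)
    return {v: sorted(users) for v, users in groups.items() if len(users) > 1}


if __name__ == "__main__":
    weak = {u: fast_unsalted(p) for u, p in SAMPLE_ACCOUNTS.items()}
    strong = {u: hash_password(p) for u, p in SAMPLE_ACCOUNTS.items()}
    print("unsalted duplicates:", list(shared_hash_accounts(weak).values()))
    print("salted duplicates:  ", list(shared_hash_accounts(strong).values()))
    print("alice verifies:     ", verify_password("123456", strong["alice"]))
    print("old record flagged: ", needs_rehash(hash_password("x", 1000)))
```

Storing the iteration count inside each record is what lets `needs_rehash` raise the work factor over time: a record flagged at login can be re-hashed with the current setting once the password has been verified.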

==Software==
{{Main category|Password cracking software}}
There are many password cracking software tools, but the most popular<ref name="sectools-top-10">{{cite web |url=https://sectools.org/tag/pass-audit/ |access-date=November 1, 2009 |title=Top 10 Password Crackers |publisher=Sectools}}</ref> are [[Aircrack-ng]], [[Cain and Abel (software)|Cain & Abel]], [[John the Ripper]], [[Hashcat]], [[Hydra (software)|Hydra]], [[DaveGrohl]], and [[ElcomSoft]]. Many [[computer forensics|litigation support software]] packages also include password cracking functionality. Most of these packages employ a mixture of cracking strategies; algorithms with brute-force and dictionary attacks proving to be the most productive.<ref>{{cite web |date=September 28, 2016 |title=Stay Secure: See How Password Crackers Work - Keeper Blog |url=https://www.keepersecurity.com/blog/2016/09/28/how-password-crackers-work/ |access-date=November 7, 2020 |website=Keeper Security Blog - Cybersecurity News & Product Updates |language=en-US}}</ref>

The increased availability of computing power and beginner-friendly automated password cracking software for a number of protection schemes has allowed the activity to be taken up by [[script kiddie]]s.<ref name=Anderson1>{{cite news |last=Anderson |first=Nate |title=How I became a password cracker: Cracking passwords is officially a "script kiddie" activity now. |url=https://arstechnica.com/information-technology/2013/03/how-i-became-a-password-cracker/ |access-date=March 24, 2013 |newspaper=[[Ars Technica]] |date=March 24, 2013}}</ref>

==See also==
* [[Brute-force attack]]
* [[Cold boot attack]]
* [[Dictionary attack]]
* [[Password strength]]
* [[Smudge attack]]

==References==
{{Reflist}}

==External links==
* [https://lasecwww.epfl.ch/pub/lasec/doc/Oech03.pdf Philippe Oechslin: Making a Faster Cryptanalytic Time-Memory Trade-Off.] CRYPTO 2003: pp617–630
* [https://web.archive.org/web/20111125074810/http://dazzlepod.com/disclosure/ Roundup of leaks made by The Anonymous and LulzSec in 2011]
* [http://folk.uio.no/josang/passwords-conference/ International passwords conference]
* [https://www.openwall.com/presentations/Passwords12-The-Future-Of-Hashing/ Password security: past, present, future, Passwords12 presentation]
* [https://wiki.skullsecurity.org/index.php?title=Passwords Skullsecurity list of breached password collections]

{{Password Cracking Software}}

[[Category:Cryptographic attacks]]
[[Category:Password cracking software|*]]
[[Category:System administration]]