Password Cracking

Let's go out on a limb and say that your password is "scissors". While this might seem like a mighty fine password on the surface (I hope it doesn't, but it might), this password is extremely weak. Plain-text passwords are subject to several types of attack, most notably the "dictionary attack". The dictionary attack is one in which a would-be attacker automates a password-guessing process using every word in the dictionary, and the dictionary definitely contains the word "scissors".
Now, what if your password were the word "Scissors" (with a capital "S")? This combination is not included in my password list. Why? Think about it. I cannot include every combination of the word scissors in my list or it would be HUGE, easily several hundred thousand times larger than its current size.
Your password could be:
- "scissors"
- "Scissors"
- "Sci$$ors"
- "scissor$"
- "scis$ors!"
- "Sc|ssors"
- "Sciss0rs?"
- "S(iss0rs?"
…and this list goes on and on and on for just the word "scissors"!!
So you might be thinking: how do we probe for a password which is not in the dictionary if we can't just build a list of every possible combination? Well, this is where permutations come in, and the short of it is that we will need some manner of program. This way we can load a word from the list into memory and try to log in with it. If the log-in fails, instead of simply moving on to the next word we will "mutate" the word a bit. We'll try adding a question mark to the end. Did that password work? No? What about replacing all of the S's in the word with dollar signs? ...I'm sure you get the gist.
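The defensive counterpart of the mutation idea above, as an added example that is not from the original post: a check, run when a password is set, that undoes case changes, symbol swaps and appended punctuation and rejects the password if what remains is a dictionary word. The word list, the substitution table and the function names are assumptions made for illustration.

```python
# Added example: reject passwords that are a dictionary word in disguise.
# DICTIONARY, SUBSTITUTIONS and SUFFIX_CHARS are constructed for illustration.

DICTIONARY = {"scissors", "password", "dragon"}  # constructed sample list

# Symbol -> letters it commonly stands in for (assumed table, built from the
# variants listed in the post plus a few common swaps).
SUBSTITUTIONS = {"$": "s", "0": "o", "|": "il", "1": "il",
                 "(": "c", "@": "a", "3": "e"}

# Characters people append to a word to satisfy a complexity rule.
SUFFIX_CHARS = "?!.0123456789"


def disguises(candidate: str, word: str) -> bool:
    """True if candidate is word with some letters swapped for symbols."""
    if len(candidate) != len(word):
        return False
    # Compare position by position, so ambiguous symbols such as "|"
    # (i or l) cost nothing extra and long inputs stay cheap to check.
    return all(c == w or w in SUBSTITUTIONS.get(c, "")
               for c, w in zip(candidate, word))


def weak_match(password: str, dictionary=DICTIONARY):
    """Return the dictionary word the password reduces to, or None."""
    lowered = password.lower()
    # Try the password as typed and with appended digits/punctuation removed,
    # so both "scissor$" and "scis$ors!" are caught.
    for form in (lowered, lowered.rstrip(SUFFIX_CHARS)):
        for word in sorted(dictionary):
            if disguises(form, word):
                return word
    return None


if __name__ == "__main__":
    samples = ["scissors", "Scissors", "Sci$$ors", "scissor$", "scis$ors!",
               "Sc|ssors", "Sciss0rs?", "S(iss0rs?", "tq7-Vellum-orbit-92"]
    for pw in samples:
        hit = weak_match(pw)
        print(f"{pw!r:24} {'REJECT (' + hit + ')' if hit else 'ok'}")
```

Every variant of "scissors" listed above is rejected, because the check compares against the base word instead of trying to enumerate its variants.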
Given a method, a password list and time, the possibilities are limitless. Check out SQLPWAudit for a pre-baked solution for password auditing and recovery.
Be sure to grab the most up-to-date version of my password list here: