The goal here is to collect enough information to gain access to the target.
There are few basic methods of password cracking:
Bruteforce: trying all possible combinations until the password is cracked.
Dictionary attack: This is a compiled list of meaningful words, compared against the password field till a match is found.
Rule based attack: If some details about the target are known, we can create rules based on the information we know.
Rainbow table: Instead of comparing the passwords directly, taking the hash value of the password, comparing them with a list of pre-computed hash values until a match is found.
Rainbow table method gives an advantage to the attacker since no account lockout is enabled for wrong hashes against the password. To prevent rainbow table attack, salting can be used. Salting is a process of adding random numbers to the password so the attacker will not be able to crack the hash without that salt added.
Types of Password Attacks
Passive online attacks
A passive attack is an attack on a system that does not result in a change to the system in any way.
The attack is to purely monitor or record data.
Man in the middle
Active online attack
An active online attack is the easiest way to gain unauthorized administrator-level access to the system
Offline attacks occur when the intruder checks the validity of the passwords. Offline attacks are often time to consume.
Non-electronic attacks are also known as non-technical attacks. This kind of attack doesn't require any technical knowledge about the methods of intruding into another system.
How to defend against password cracking:
Don't share your password with anyone
Do not use the same passwords during password change
Enable security auditing to help monitor and track password attack
Do not use cleartext protocols and protocols with weak encryption
Set the password change policy to 30 days
Monitor the server’s logs for brute force attacks on the user’s accounts
Avoid storing passwords in an unsecured location
Never use passwords such as date of birth, spouse, or child’s or pet’s name
Enable SYSKEY with the strong password to encrypt and protect the SAM database
Lockout an account subjected to too many incorrect password guesses.