A password is stored on the system in encrypted form. It has been run through an encryption algorithm. There should be no algorithm that will take a password in encrypted form and give back the original password, so that crackers can't find out a password just by asking the system. Instead, they use a program like "Crack" to breach password security. The Crack program works by taking strings of characters and encrypting them, then comparing the encrypted text against the password in encrypted form. If the two encrypted versions are the same, then the string of characters is the password.
It would take too long to simply try every possible combination of letters you could have as your password -- over 100,000 years on a reasonably fast machine. So Crack tries the most likely combinations. It starts with everything it can find out about you on the system, like your login name, your full name, your address, your social security number, etc. Trying all of these takes a few seconds.
Then it moves on to a huge dictionary containing words from all languages, place names, people names, names of characters in books, jargon, slang, and acronyms. It tries all of them as your password. This takes several minutes. After Crack is done with that, it tries variations on those words, such as:
It tries nearly every combination, and often successfully completes the task.
|
Copyright © 2014 CA.
All rights reserved.
|
|