Understanding How a Password is Cracked

Page Content

If you were to ask us what one of the most important cybersecurity features to have is, chances are, we’d answer “secure passwords.” Sure, this might be the answer that you’d hear from everyone, but that’s because it is really that important. For our tip, we’ll illustrate its importance by examining hackers’ key processes and password cracking tools used.


How Your Passwords Are Stored

When you input a password into a program or a website, it must be referenced against some record to ensure that it is the correct credential. That record contains your password in a mathematically-based scrambled form known as a hash.

Using password hashes to crack passwords means that the password isn’t as easy for a hacker to intercept. However, this is not to say that an attacker has no options to leverage, either.

Password Management for Business


How a Hacker Can Use Password Hashes & Other Password Cracking Tools

Unfortunately, there are a few ways that a hacker can still work to crack your password and gain unauthorized access. For instance, online attacks are typically leveraged with the assistance of social engineering or phishing efforts, with more likely passwords being deduced by the hacker before attempting any and inadvertently locking down the account.

There are also offline attacks where the hacker takes the hash and brings a copy offline to work as they can. These attacks are relatively effective against intercepted documents with password protections, although they are still far from easy.


Other Password Cracking Techniques

In order to effectively conduct an offline attack, the hacker may ultimately need to try out multiple passwords – numbers that can approach the millions and billions. However, hackers also have a few means to narrow down the possibilities, enabling them to greatly decrease the time it takes to crack the targeted account. Here are some of the techniques used for cracking passwords.


Dictionary Attacks

Many hackers have their own dictionaries of common or weak passwords to test out, with entries like ‘admin,’ “12345,” and the old classic, “password.” Of course, their resources could contain millions of potential passwords, and they usually utilize the computing power necessary to review them much faster than any human could unaided.


Character Set Attacks

If a password doesn’t appear in a hacker’s dictionary, they can instead utilize programs that enable them to cross-reference certain rules to identify a password’s contents. For instance, if they had the necessary information, a hacker could specify a certain number of characters in a password, whether any letters are capitalized or lowercase, and many more specific details. This enables passwords to be cracked much more efficiently.


Brute Force Attacks

When a gentler touch fails them to gain access, a hacker can perform a brute force attack on your password. These attacks try any combination of characters possible until they either stumble upon the correct combination or overwhelm a system.


How We Can Help You

As you can see, a password can be cracked in plenty of ways, which is precisely why we encourage users never to use the same password twice, regularly change their passwords, and utilize 2-factor authentication whenever possible. This will ensure that even if your password gets stolen, it is less likely to be used against you.

Reach out to us to learn more about your cybersecurity give Succurri a call today!


Learn how to do some amazing things with computers

A little introduction to doing stuff with computers that you wouldn’t know without reading this book.
Schedule a Call with Us

You’ll be able to select a time to discuss any IT support needs with us.

Sarah W
Sarah W.

Phoenix Consultant

More Articles

In a significant update to its product offerings, Intuit has announced the discontinuation of QuickBooks

In the fast-paced world of information technology, staying ahead is crucial. Whether starting your IT

Artificial Intelligence (AI) is a cornerstone of technological innovation in today’s rapidly evolving marketplace, reshaping

Submit a new Support Ticket