
How is a computer password cracked?

Hi,

I was wondering if anyone knows how a computer password is cracked, and why they can't have foolproof encryption. I don't know a lot about this.

My understanding was that password cracks are "brute force", where a program guesses until the correct password is reached. But this doesn't make sense, because a password longer than about 10 characters would take years to crack just by guessing. So how is it done?

Thanks
 


Most people use passwords much shorter than 10 characters, which makes things easier for crackers. Many people use real words as part of their passwords, so crackers often write password cracking programs which combine real words with letters and numbers to increase their chances.
 
In addition to the above methods, sometimes the algorithm used to encode a password is flawed and things can be decoded.
 

For example in NTLM (the type of authentication Microsoft used to use) longer passwords could be cracked in parts: crack the first 8 characters, then work on the ones after. NTLM is turned off by default now, but you still need to turn it back on if there are old Windows 98 or Windows ME machines connecting.

In addition, there are plenty of easy ways to get passwords. The most common are social engineering, where you convince people to send you their password, and keystroke loggers installed by trojans that record what you type and send it to someone. These can get on your computer via "free" software you download, or in some cases simply by clicking "close" on a pop-up.
 
I don't know much about this myself, but I do remember the old Excel worksheet protection passwords were encrypted in such a way that there were far fewer encrypted versions than there were actual passwords (i.e. many different words encrypted to the same string), which massively narrows down the brute force search.
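To make the point in that post concrete, here is an added example (not from any poster, and not Excel's real algorithm): a constructed hash whose output is only 16 bits wide. Whatever the password length, there are at most 65,536 distinct outputs, so a brute-force search over short strings is bound to find one that collides with a long passphrase.

```python
import itertools
import string

# Constructed toy hash with a 16-bit output (at most 65,536 distinct values).
# It stands in for any scheme whose output space is far smaller than the set
# of possible passwords; it is NOT the Excel algorithm the post refers to.
def toy16(password: str) -> int:
    h = 0x5A3C
    for ch in password.encode():
        h = ((h << 5) | (h >> 11)) & 0xFFFF   # rotate left by 5 within 16 bits
        h ^= ch                               # mix in the next byte
        h = (h * 31 + 7) & 0xFFFF             # odd multiplier keeps this a bijection
    return h

def distinct_outputs(alphabet: str = string.ascii_lowercase, length: int = 4):
    """Return (distinct hash values, number of candidate passwords) for every
    password of the given length. Once candidates exceed 2**16 the pigeonhole
    principle guarantees collisions, regardless of how good the mixing is."""
    seen = {toy16("".join(c)) for c in itertools.product(alphabet, repeat=length)}
    return len(seen), len(alphabet) ** length

def find_collision(target_hash: int, alphabet: str = string.ascii_lowercase,
                   max_len: int = 4):
    """Search strings of length 1..max_len for one hashing to target_hash.
    Returns (candidate or None, guesses spent). The search budget is bounded
    by the output space, not by the length of the original password."""
    guesses = 0
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            guesses += 1
            candidate = "".join(combo)
            if toy16(candidate) == target_hash:
                return candidate, guesses
    return None, guesses

if __name__ == "__main__":
    long_password = "a much longer passphrase than four letters"
    cand, n = find_collision(toy16(long_password))
    print(f"{long_password!r} is accepted as {cand!r} after {n} guesses")
    print("4-letter passwords -> (distinct hashes, candidates):", distinct_outputs())
```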
 
In addition to what others have said, if you don't care about getting a specific person's password you can just grab the low-hanging fruit provided by people with dumb passwords.

Try a few million usernames and you'll probably find someone whose password is "letmein" or "password".
 
WEP encryption is notoriously flawed. 128 bit password takes 60 seconds.
 
One ex member here had the bright idea of saying that if you type your password for the forum in a thread it would be **** out. I think he was hoping to get people to type their password, then he could use their user name. For that he was justly banned.
 

If you have physical access you really don't need to brute-force. You can usually just use a boot disk and then change the password file (i.e., reset or clear the password).

You can do that on most operating systems.
 
Other times you can just circumvent a password, i.e., jump to code that is executed after password validation.
 
> WEP encryption is notoriously flawed. 128 bit password takes 60 seconds.

Yup, it was an encryption scheme designed by non-cryptographers. It makes some other fundamental mistakes.

> If you have physical access you really don't need to brute-force. You can usually just use a boot disk and then change the password file (i.e., reset or clear the password).

Correct. An author friend of mine asked me about password hacking, and that's what I told her (in the plot they had physical access -- game over).
 
My work just implemented complex passwords. Super secure, except that nobody can remember them unless they write them down or use a pattern of keys. Net result.... pissed off users and greatly degraded security.
 
We've got finger print sensors on the door of our machine room. They don't work so good if you're in a rush or stressed.
 
A long time ago, when the internet was starting to become popular in the mainstream, I just observed chat rooms and forums, got their birthdate and zip code, and would sometimes prompt answers to security questions like "What was your first dog?"

There are lots of morons who will say something like "96814 reprezent" and willingly give out personal information to make it easy to get into Email.

Once Email is accessed, it's easy to get passwords sent to that Email account from all sorts of places.

I did this out of curiosity and didn't tamper with their profiles or send Emails to their contact list.


So even if you're not some computer expert, there are lots of idiots out there to take advantage of with a few tricks. Sort of like how woo cons people.

But this topic is interesting cause I never understood how people hack aside from brute force programs. The Rainbow Table link is cool. :)
 
> But this topic is interesting cause I never understood how people hack aside from brute force programs. The Rainbow Table link is cool. :)

Ok, here's another story of password retrieval. It required an account on the target machine, so you could use it for privilege escalation. The authentication routine would reject the password at the first wrong character it reached. Of course this didn't happen at the keyboard level, but at the internal level of the authentication routine scanning the string passed to it. However, if you arranged for the password to straddle a page boundary, and arranged for the second page to be paged out, you could, through timing, guess how far along the password the checker had got. Of course there's some randomness here, and arranging for a just written-to page to be probably paged out is tricky. But it did work, and it did cause a software update to make the scanner scan the whole password regardless. Hm, not sure why you'd simply do this where the next page wasn't available and catch a segmentation fault. I think it was VMS and I'm not very familiar with its internals.
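The fix described in that post (scan the whole password regardless) is the difference between the two checkers below. This is an added example, not code from the post or from VMS: the early-exit version stops at the first wrong character, so the amount of work it does reveals how long the correct prefix was, while the full-scan version examines every position and folds all mismatches into one accumulator. The third function is what production code should call: the standard library's `hmac.compare_digest`, applied to password hashes rather than plaintext.

```python
import hmac

def compare_early_exit(stored: str, supplied: str) -> tuple[bool, int]:
    """Reject at the first wrong character, as the checker in the story did.
    Returns (match, characters_examined); the second value is exactly what a
    timing or page-fault side channel lets an observer infer."""
    if len(stored) != len(supplied):
        return False, 0
    examined = 0
    for expected, got in zip(stored, supplied):
        examined += 1
        if expected != got:
            return False, examined
    return True, examined

def compare_full_scan(stored: str, supplied: str) -> tuple[bool, int]:
    """Always walk the full width and OR every mismatch into one accumulator,
    so the work done no longer depends on where the first wrong character is.
    A length mismatch is folded in the same way instead of returning early."""
    width = max(len(stored), len(supplied))
    padded_stored = stored.ljust(width, "\0")
    padded_supplied = supplied.ljust(width, "\0")
    diff = len(stored) ^ len(supplied)
    examined = 0
    for expected, got in zip(padded_stored, padded_supplied):
        examined += 1
        diff |= ord(expected) ^ ord(got)
    return diff == 0, examined

def verify(stored_digest: bytes, supplied_digest: bytes) -> bool:
    """Constant-time comparison from the standard library. Real systems store
    and compare password hashes, never the plaintext the story's checker held."""
    return hmac.compare_digest(stored_digest, supplied_digest)

if __name__ == "__main__":
    # Constructed sample: the stored password and two wrong guesses that share
    # prefixes of different lengths with it.
    for guess in ("sxxxxxxx", "secret4x", "secret42"):
        print(guess, compare_early_exit("secret42", guess), compare_full_scan("secret42", guess))
```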
 
There is also just good old detective work. Many people use very plain passwords that can be obtained with a little guesswork: children's names, years of birth, silly things like that. Then someone can find this information and just try it.
And since many people use the same password on multiple systems, bingo.
 
