New Banner 3

Services

Find out more about ProCheckUp's services including: Penetration Testing, PCI QSA and PCI ASV.

More detail

Client Quote

ProCheckUp are extremely flexible in meeting our requirements. The output is professional and of a consistently high standard with clear evidence that the testers are at the top of their game.
CPP

Ask the Experts - Richard Brain - How effective are password hack tools?

19 May 2009 by Richard Brain, ProCheckUp at SearchSecurity.co.UK

SearchSecurity QUESTION POSED ON: 19 May 2009

How effective are current password hack tools, and what can be done to enable secure user authentication and defend against them?

Password hack tools have continually improved in the past few years. In late 2008, for example, a Russian firm used parallel Nvidia Graphics cards to dramatically reduce the time needed to crack WPA Wi-Fi passwords.

The cracking process also becomes even faster if extensive rainbow tables are used. These tables contain pre-calculated password hash lookups, which can break the encryption used to protect the passwords, and therefore provide a shortcut for those trying to hack them. Thanks to these recent improvements, it is now trivial to crack a password based on a dictionary word or a dictionary word combined with a number.

The best defence against password hack tools is to create a strong password consisting of multiple words, numbers and characters of mixed case. It is also common to find the Leet alphabet (Internet slang, similar to the spellings and abbreviations used in telephone text messages) or password generators, being used to create strong passwords.

The following article appears on Search Security. You can click here to read it in its original source.

Back To listing