Password Cracking

Password Cracking - Types of Passwords Strings of...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon
1 Security Engineering Password Cracking Original slides prepared by K. Liszka, The University of Akron for 3460:453/553, Fall 2007 Types of Passwords • Strings of characters – Simple (3 digits for a garage door opener) – Complex pass phrases • String of characters + token – ATM card • Biometric – Fingerprints – Retinal scans Brief history of passwords • Early MS and Adobe used passwords to mean a file was password protected when opened with their application. • Microsoft Access 2.0 databases, password protected. Brief history of passwords • Microsoft Access 2.0 databases, password protected. Bankaccounts.mdb Bankaccounts.txt Brief history of passwords • Adobe PDF files in versions 4.0 and older were printable and often viewable using Linux PDF readers or Ghostview for Windows. Common sense for passwords • Isn’t a dictionary word. • Contains numbers, letters and those odd swear symbols on top of the numbers. • Contains upper and lower case letters. • The longer the stronger.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 Does password length really matter? • 2 letter password – 26 letters, 10 digits – 687,000,000 possibilities • 8 letter password – 324,000,000,000,000,000,000,000,000,000,000 possibilities Password generators • Lots available on the Internet. • Pretty secure password. • Nearly impossible to remember. You can do better! • Pass phrases – Itwasadarkandstormynight – MySecurityClassLikesTrouble • First letters – gandt3b (goldilocks and the 3 bears) – latabom! (lions and tigers and bears oh my!) – JJPL2c1d (john, jill, paul, lucy, 2 cats, 1 dog – the members of your household) Password Cracking Attacks Look around • Post-its • Under the keyboard • Under the mousepad • In the top drawer • On the desk calendar (first or last page) • Don’t need too much imagination
Background image of page 2
3 • Bruce Schneier • Open source (free) • Only need to remember one password (safe combination) • http://passwordsafe.sourceforge.net/ Password Guessing • Use a little social engineering. – Girlfriend/significant other’s name
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 02/21/2011 for the course CS 567 taught by Professor Dr.shambooupadhyay during the Fall '09 term at SUNY Buffalo.

Page1 / 8

Password Cracking - Types of Passwords Strings of...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online