Homework # 5
forcing a password simply means that one is systematically trying to determine someone’s
password using all possible combinations of characters.
If we know that the password is either 5, 6
or 7 characters long, then the worst case scenario is that the very last password guessed is the
correct one, after trying every single combination of passwords that could be 5, 6 and 7 characters
Knowing that each character is either numeric or alphabetic (lower and upper case), the
calculation goes as follows to figure out how many different passwords we need to try:
Lower-case alphabetic character: 26
Upper-case alphabetic characters: 26
Numeric characters: 10 (1, 2, 3, 4, 5, 6, 7, 8, 9, 0)
Total # of possible characters to choose from: 26 + 26 + 10 = 62
Since the password can either be 5, 6 or 7 characters long, then in the worst-case scenario, the # of
different passwords needed to try would be =
3.579 x 10
A keylogger can be a physical device (
) or a program (
can track each character typed while the keylogger is on.
Its name is self-explanatory: it
that are punched in the form of a text file. Thus, it does not matter how good of a password
one has because it is still being recorded.
There are a couple of methods used to determine the
likelihood of what their password may be.
It all depends on the sequence of events that takes place:
If the hacker connects the device to a computer that is shut off, then when the user logs onto
their computer account, the first few typed characters would have to be their password.
If the hacker goes to a specific website that requires the user to log in (such as Hotmail or
Facebook), then the first set of characters will correspond to their e-mail address or username,
which is highly recognizable.
Then, chances are that the characters that follow will be the
password (assuming that the user does not type in any other web pages in between)
It is easy to identify what a password most likely would be if the user typed a random word that
appeared in the text file that is completely irrelevant to everything else that was typed.
Therefore, using a keylogger would be a good way to hack an account without the person knowing.