Exploring Password Cracking Techniques: Understanding the Threat Landscape
Keneilwe Zuva*
Department of Computer Science, University of Botswana, Gaborone, Botswana
*Corresponding Author: Keneilwe Zuva, Department of Computer Science,
University of Botswana, Gaborone, Botswana.
Received:
November 21, 2023; Published: November 30, 2023
Abstract
In an increasingly interconnected digital world, the threat posed by password cracking techniques has grown significantly. Malicious actors exploit these methods to gain unauthorized access to personal and private information, making cybersquatting a paramount concern. This research delves into the realm of password cracking techniques, aiming to evaluate network security within a controlled laboratory environment. The primary objective is to identify potential vulnerabilities and gauge the effectiveness of various password cracking methods. This study investigates several well-known password cracking techniques, including brute-force, dictionary attacks, and hybrid approaches. The insights gathered from these evaluations serve a dual purpose: revealing weaknesses in the network's security and assessing the strength of user passwords. The outcomes of this research highlight a concerning reality – a substantial portion of the passwords employed within the network are susceptible to cracking. Furthermore, our findings unveil deficiencies in the network's security protocols, notably the absence of robust password regulations and encryption practices. These revelations underscore the urgent need for enhanced security measures to safeguard the integrity of the network. The implications of this study extend beyond academic curiosity, as they hold critical implications for network security. The results provide a foundation for the formulation of more stringent security policies and serve as a valuable educational tool for network users. Emphasizing the importance of employing strong, unique passwords is paramount in fortifying their accounts against potential breaches. In conclusion, this research sheds light on the evolving threat landscape surrounding password security and advocates for proactive measures to protect sensitive information in an interconnected world.
Keywords: Network Security; Password Cracking Techniques; Password Strength; Security Flaws
References
- Nyangaresi VO., et al. “Guti-based multi-factor authentication protocol for de-synchronization attack prevention in LTE handovers”. International Journal of Cyber-Security and Digital Forensics1 (2020): 1-12.
- W M Weir., et al. “Testing metrics for password creation policies by attacking large sets of revealed passwords”. In Proceedings of the 17th ACM conference on Computer and communications security, CCS ’10, pages 162–175, New York, NY, USA, 2010. ACM (2010).
- Trust T., et al. “Hacking the Bank and Countermeasures”. Acta Scientific Computer Sciences 4 (2022): 53-61.
- Yazdi SH. “Analyzing Password Strength and Efficient Password Cracking” (2011).
- Weber JE., et al. “Weak password security: An empirical study”. Information Security Journal: A Global Perspective1 (2008): 45-54.
- Salois M. “Password complexity recommendations”. Defense Research and Development Canada (2014): 1-34.
- WEBER JE., et al. “A developmental perspective on weak passwords and password security”. Journal of Information Technology Management3 (2008): 1-8.
- Sun X., et al. “A survey on cyber-security of connected and autonomous vehicles (CAVs)”. IEEE Transactions on Intelligent Transportation Systems 23.7 (2021): 6240-6259.
- Kuo C., et al. Human Selection of Mnemonic Phrase-based Passwords, Symp. on Usable Privacy and Security (SOUPS), (2006).
- Charoen D., et al. “Improving End User Behaviour in Password Utilization: An Action Research Initiative”. Systemic Practice and Action Research1 (2008): 55.
- Monrose F., et al. “Password hardening based on keystroke dynamics”. ACM Conference on Computer and Communications Security, CCS (1999).
- U Manber. “A simple scheme to make passwords based on one-way functions much harder to crack”. Computers and Security2 (2011): 171–176.
- C Cachin. Entropy Measures and Unconditional Security in Cryptography, PhD Thesis, ETH Dissertation, num 12187, (1997).
- CE Shannon. "A Mathematical Theory of Communication". Bell System Technical Journal 379-423 (1948): 623-656.
- “If Your Password is 123456 Just Make it HackMe”. New York Times, January 20th, (2010): A1. 26.
- E R Verheul. “Selecting secure passwords”. CT-RSA 2007, Proceedings Volume 4377 of Lecture Notes in Computer Science, pages 49–66. Springer Verlag, Berlin, (2007).
- JL Massey. “Guessing and Entropy”. Proc. 1994 IEEE International Symposium on Information Theory (1995): 329.
- Jolly V. “The influence of internet banking on the efficiency and cost savings for banks’ customers”. International Journal of Social Sciences and Management3 (2016): 163-170.
- Olsen RV and Tokerud S. “Teachers’ awareness, knowledge and practice of information security in school (Master's thesis, University of Agder)” (2020).
- Ding Y., et al. “Crack identification method of steel fiber reinforced concrete based on deep learning: a comparative study and shared crack database”. Advances in Materials Science and Engineering (2021): 1-10.
- Bhanderi D., et al. “March. Impact of Two-Factor Authentication on User Convenience and Security”. In 2023 10th International Conference on Computing for Sustainable Global Development (INDIACom) (2023): 617-622.
- Almseidin M., et al. “September. Evaluation of machine learning algorithms for intrusion detection system”. In 2017 IEEE 15th international symposium on intelligent systems and informatics (SISY) (2017): 000277-000282.
Citation
Copyright