Tagg: password cracking

Researchers at Purdue’s CERIAS group have developed a way of strengthening traditional password authentication against sophisticated attacks. Not only is the defense practical — you can download the PAM security module from GitHub — but it also includes a built-in alarm that warns you when attacker try to use decoy passwords they believe they have […]

I am very skeptical of passwords. Rules for password length and complexity may offer a feeling that you are behaving safely but they provide much less security than promised. As we see in Learning Tree’s Cloud Security Essentials course, the major cloud providers configure their Linux servers providing the majority of the cloud Infrastructure-as-a-Service so […]

Last week I talked about how fast processors and GPUs made password cracking easier. The idea was that dictionary words could be hashed quickly and then compared to target hashes. This week we’ll look at a very fast way to compute the hashes along with a fast way to search them. A GPU or Graphics […]

Yes, I am still obsessed with authentication. This article didn’t dissuade me. Earlier this week I was looking at password cracking tools to use in the hands-on exercise in Learning Tree’s introduction to security course. We currently use an older tool that cracks based on a limited wordlist (usually called a dictionary) and a tool […]

Some time ago I wrote about slowing down hash computation. A bit of further explanation seems to be in order. As we updated Learning Tree Course 468, System and Network Security Introduction recently we looked at cracking Windows 7 password hashes. The idea is to extract the hashes and run a program to process them and […]