Top 6 Most Common Password Cracking Methods And Their Countermeasures

1. Bruteforce Attack

There are a number of methods out there used by hackers to hack our account or get your personal information. Today in this post I will share with you guys 6 Most commonly used method to crack the password and their countermeasures. You must check out this article to be safe and to prevent your online accounts from hacking.

Here in this post, we are going to tell you about most common 6 password cracking methods with their countermeasures so that you can be safe from these hacking techniques. If you use the internet often, then consider reading the article below to stay safe.

Any password can be cracked using Brute-force attack. Brute-force attacks try every possible combination of numbers, letters and special characters until the right password matches. Brute-force attacks can take very long time depending on the complexity of the password. The cracking time is determined by the speed of computer and complexity of the password.

Countermeasure: Use long and complex passwords. Try to use the combination of upper and lowercase letters along with numbers. Brute-force attack will take hundreds or even thousands of years to crack such complex and long passwords.

Example: Passwords like “love” or “password” can be cracked easily whereas computer will take years to crack passwords like “aN34lL00”

2. Social Engineering

Social engineering is a process of manipulating someone to trust you and get information from them. For example, if the hacker was trying to get the password of a co-workers or friends computer, he could call him pretending to be from the IT department and simply ask for his login details. Sometimes hackers call the victim pretending to be from the bank and ask for their credit cards details. Social Engineering can be used to get someone password, to get bank credentials or any personal information.

Countermeasure: If someone tries to get your personal or bank details ask them few questions. Make sure the person calling you is legit. Never ever give your credit card details on phone.

3. Rats And Keyloggers

In keylogging or Rating, the hacker sends keylogger or rat to the victim. This allows the hacker to monitor every thing victim do on his computer. Every keystroke is logged including passwords. Moreover, the hacker can even control the victim's computer.

Countermeasure: Never log in to your bank account from the cyber cafe or someone else computer. If it's important to use an on-screen or virtual keyboard while typing the login. Use latest anti-virus software and keep them updated. Check out below article to know more about Rats and Keyloggers.

4. Phishing

Phishing is the easiest and popular hacking method used by hackers to get someone account details. In a Phishing attack, a hacker sends a fake page of the real website like facebook, Gmail to a victim. When someone login through that fake page his details are sent to the hacker. This fake pages can be easily created and hosted on free web-hosting sites.

Countermeasure: Phishing attacks are very easy to avoid. The URL of this phishing pages is different from the real one. For example, URL of phishing page of Facebook might look like facbbook.com (As you can see There are two “b”). Always make sure that websites URL is correct. Check out below article to know more about phishing.

5. Rainbow Table

A Rainbow table is a huge pre-computed list of hashes for every possible combination of characters. A password hash is a password that has gone through a mathematical algorithm such as md5 and is transformed into something which is not recognizable. A hash is a one-way encryption so once a password is hashed there is no way to get the original string from the hashed string. A very commonly used hashing algorithm to store passwords in website databases is MD5. It is almost similar to a dictionary attack, the only difference is, in rainbow tables attack hashed characters are used as passwords whereas in dictionary attack normal characters are used as passwords. 

Example: ‘hello’ in md5 is 5d41402abc4b2a76b9719d911017c592 and zero length string (“”) is d41d8cd98f00b204e9800998ecf8427e

Countermeasure: Make sure you choose the password that is long and complex. Creating tables for long and complex password takes a very long time and a lot of resources

6. Guessing

This seems silly but this can easily help you to get someones password within seconds. If the hacker knows you, he can use the information he knows about you to guess your password. Hacker can also use a combination of Social Engineering and Guess to acquire your password.

Countermeasure: Don’t use your name, surname, phone number or birth date as your password. Try to avoid creating the password that relates to you. Create complex and long password with the combination of letters and numbers.