TRAINING
- Popular Courseskkkkkk
  
  ISC2 CISSP
  
  CompTIA Security+
  
  ISACA CISM
  
  ISC2 CCSP
  
  Cisco CCNA
  
  EC-Council CEH
  
  ITIL v4 Foundation
  
  Azure Admin
  
  PMI PMP
  
  AWS SA Associate
  
  AWS Security
  
  Cisco CCNP
  
  ISACA CISA
  
  CompTIA SecurityX
  Courses by Vendor
  
  AWS
  
  CertNexus
  
  Cisco
  
  CompTIA
  
  EC-Council
  
  IAPP
  
  ISACA
  
  ISC2
  
  Microsoft
  
  PMI
  
  VMware
  Courses by Topic
  
  AI & Analytics
  
  Cloud
  
  Cybersecurity
  
  Data Privacy
  
  DevOps
  
  DoD 8570/8140
  
  GI BILL® Approved
  
  IT Policy
  
  IT Service
  
  Networking
  
  Programming
  
  Project Mgmt
  
  Risk Mgmt
  - CERTIFICATION TRAINING
  - |
  - Course Catalog
  - |
  - Get a Quote
  - |
  - Enroll in a Course
TEAM TRAINING
- Train My Team
  
  Overview
  
  Enterprise Solutions
  
  Subscription Learning
  
  Bulk Vouchers
  Corporate Solutions
  
  Enterprise Solutions
  
  Subscription Learning
  
  Team Training
  
  Training Vouchers
  Federal & Contractors
  
  GSA Schedule
  
  Federal Procurement
  
  Training Vouchers
  
  Military Solutions
  
  DoD 8570/8140
  ★★★★★
  
  Whether you are transitioning to civilian life or advancing within the military, we're here to help.
  - TEAM TRAINING
  - |
  - Course Catalog
  - |
  - Get a Quote
  - |
  - Enroll in a Course
LEARN
- Contact Details
  
  About Us
  
  Corporate Address
  
  Contact Sales
  
  General Info
  Additional Info
  
  Careers
  
  News
  
  Testimonials
  
  Payment Center
  Resources
  
  Partners
  
  Webinars
  
  Blog
  
  Financing
  "Training Camp's trainers, especially our instructor Jeff, are in a class of their own. His blend of industry knowledge and teaching acument is outstanding."
  
  — Mike Guzman, USAF
  - LEARN
  - |
  - Course Catalog
  - |
  - Get a Quote
  - |
  - Enroll in a Course
CONTACT
- Get Upskilled, Certified, and Back to Work. Fast
  Join thousands of professionals advancing their careers with our expert-led training programs.
  Contact Us
  
  Accounting
  
  Investors
  
  Support
  Training Camp Sales
  
  General Information
  
  Team Training
  
  Last Minute Registration
  - CONTACT
  - |
  - Course Catalog
  - |
  - Get a Quote
  - |
  - Enroll in a Course

What is Password Cracking?

Published by Mike McNelis on August 15, 2023

In a secure password-based authentication system, the actual password isn’t stored to avoid easy access by hackers or malicious insiders. Instead, these systems store a password hash, which is generated by processing the password and a random value (called a salt) through a hash function. Hash functions are designed to be one-way, making it difficult to reverse-engineer the original password from the hash.

Password cracking involves extracting passwords from their hashes. This process can be done through various methods:

Dictionary Attack: This method uses common passwords and their variations to quickly crack many passwords.
Brute-Force Attack: This method tries every possible combination of characters to eventually crack the password, though it can be time-consuming.
Hybrid Attack: A combination of dictionary and brute-force attacks, starting with a dictionary attack and moving to brute-force if needed.

Several tools are available for password cracking:

John the Ripper

John the Ripper is an open-source tool that can crack a variety of password types across different operating systems. It also supports additional features in its pro version.

Brutus

Brutus is a versatile remote online password-cracking tool for Windows, supporting various authentication types and offering customization options, despite not being updated in recent years.

Wfuzz

Wfuzz specializes in web application password cracking through brute-force attacks. It also detects hidden resources and injection vulnerabilities.

THC Hydra

THC Hydra is an online tool that uses brute-force attacks to crack passwords. It supports many network protocols and is easily extensible with new modules.

Hashcat

Hashcat is a widely-used password cracker that supports over 300 different types of hashes. It allows for simultaneous cracking across multiple devices and includes features for performance optimization.

L0phtCrack

L0phtCrack focuses on cracking Windows passwords using both dictionary and brute-force attacks. It also offers scheduled password security scans.

Aircrack-ng

Aircrack-ng is used to crack Wi-Fi passwords by analyzing encrypted packets and applying various cracking algorithms. It’s available for Linux and Windows.

Medusa

Medusa is a command-line tool designed for fast, parallel brute-forcing of various protocols. It can target multiple usernames or email addresses simultaneously.

RainbowCrack

RainbowCrack simplifies password cracking using precomputed tables of password/hash pairs. It supports various hash types and is available for Windows and Linux.

OphCrack

OphCrack is a free tool for cracking Windows passwords using rainbow tables. It’s popular for its ease of use and compatibility with multiple operating systems.

Tips for Creating Secure Passwords

To protect against these cracking methods, use long, random, and unique passwords. Avoid using common words, personal information, or predictable patterns. Incorporate a mix of characters, numbers, and special symbols to increase complexity.

Mike McNelis

See Full Bio

Back to All Posts