password cracker

Password crackers use two primary methods to identify correct passwords: brute-force and dictionary searches. When a password cracker uses brute-force, it runs through combinations of characters within a predetermined length until it finds the combination accepted by the computer system. When conducting a dictionary search, a password cracker searches each word in the dictionary for the correct password. Password dictionaries exist for a variety of topics and combinations of topics, including politics, movies, and music groups.

Some password cracker programs search for hybrids of dictionary entries and numbers. For example, a password cracker may search for ants01; ants02; ants03, etc. This can be helpful where users have been advised to include a number in their password.

A password cracker may also be able to identify encrypted passwords. After retrieving the password from the computer's memory, the program may be able to decrypt it. Or, by using the same algorithm as the system program, the password cracker creates an encrypted version of the password that matches the original.

Getting started with Hacker tools

To explore how the Hacker tools are used in the enterprise, here are some additional resources:

Top 5 Hacker Tools: Google hacker, password cracker, WLAN detector Hacker tools can be helpful for corporate risk assessments. Learn about the top five hacker tools and how you can use them in audits, assessments and penetration tests to help you to find vulnerabilities before hackers do.

Learn more about SaaS and Web application security

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

More resources from around the web: - The SANS Institute has an article, "Password cracking using focused dictionaries." - SecurityWatch has a page about hacking (cracking) techniques. - SearchSecurity.com offers selected links to more about "Securing your Data and Information."

FILE EXTENSION AND FILE FORMAT LIST File Extension and File Format List: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

RELATED CONTENT Why financials must implement Web application security best practices Russ McRee describes his research into vulnerable financial Web applications and provides guidance on how companies can improve their online security. The PCI compliance case for source code review Web application firewalls won't protect against application logic flaws. Michael Cobb explains why source code review can. Security questions to ask SaaS vendors when outsourcing services Financial-services firms need to make sure their SaaS providers implement strong data security.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary NASDAQ  (SearchFinancialSecurity.com)