|
|
|
Data Recovery - You Can Get It Back!
Data Recovery - You Can Get It Back!
by Keith Thompson
Data recovery is a process whereby you can save data and
files you accidentally deleted, had eaten by malicious
software or viruses, hardware failures, corporate espionage
and many...
Disaster Preparedness in a Post 9/11 World
So much has changed in the last several years after 9/11, and
yet most businesses are still inadequately prepared for
disastrous situations. Not only are they vulnerable from the
threat of terrorism, but from security and natural...
Lightning Season: How to Avoid Data Loss
Lightning Season: How to Avoid Data Loss We have just entered the time of year that most electrical storms occur. Sudden loss of power, power surges, and electrical spikes are all very common causes of computer damage. There is no way to stop...
Software That Takes Care Of ... Other Software
What's housekeeping software? It's software that takes care of your PC and everything recorded on that hard-drive. If that's what you need, make sure you consider these titles.
HandyRecovery 2.0 (SoftLogica LLC)
As you might expect, data...
You Need To Backup
It doesn’t matter if you paid $500.00 or $2000.00 to purchase a new computer for your home or business; you will defiantly want to have some kind of insurance and backing up your computer is the best form of protection there is.
There are...
|
|
| |
|
|
|
|
|
|
Background Of Password Cracking
Passwords to access computer systems are usually stored, in some form, in a database in order for the system to perform password verification. To enhance the privacy of passwords, the stored password verification data is generally produced by applying a one-way function to the password, possibly in combination with other available data. For simplicity of this discussion, when the one-way function does not incorporate a secret key, other than the password, we refer to the one way function employed as a hash and its output as a hashed password. Even though functions that create hashed passwords may be cryptographically secure, possession of a hashed password provides a quick way to verify guesses for the password by applying the function to each guess, and comparing the result to the verification data. The most commonly used hash functions can be computed rapidly and the attacker can do this repeatedly with different guesses until a valid match is found, meaning the plaintext password has been recovered.
The term password cracking is typically limited to recovery of one or more plaintext passwords from hashed passwords. Password cracking requires that an attacker can gain access to a hashed password, either by reading the password verification database or intercepting a hashed password sent over an open network, or has some other way to rapidly and without limit test if a guessed password is correct. Without the hashed password, the attacker can still attempt access to the computer system in question with
guessed passwords. However well designed systems limit the number of failed access attempts and can alert administrators to trace the source of the attack if that quota is exceeded. With the hashed password, the attacker can work undetected, and if the attacker has obtained several hashed passwords, the chances for cracking at least one is quite high. There are also many other ways of obtaining passwords illicitly, such as social engineering, wiretapping, keystroke logging, login spoofing, dumpster diving, timing attack, etc.. However, cracking usually designates a guessing attack.
Cracking may be combined with other techniques. For example, use of a hash-based challenge-response authentication method for password verification may provide a hashed password to an eavesdropper, who can then crack the password. A number of stronger cryptographic protocols exist that do not expose hashed-passwords during verification over a network, either by protecting them in transmission using a high-grade key, or by using a zero-knowledge password proof.
About the Author: David and his team developed Article Post Robot, http://www.articlepostrobot.com, the software which can post articles to hundreds of article sites and mail lists automatically.
Source: www.isnare.com
|
|
|
|
|
|