Introduction
A password is a secret word, phrase, or figure used to gain access to a place. The comprehensive meaning of a password is Personal Access Security Service Without Regular Disclosure. Passwords are vital in preventing unauthorized access to personal data and computer files: a string of characters verifies a user's identity during the authentication process (Chanda and Katha 15). This process is more secure because the password is known only to the user of the device, website, or application. A secure password provides essential protection from different kinds of identity theft and, to a considerable extent, financial fraud. The basic ways of securing passwords include, but are not limited to, using different passwords for different accounts, using long passwords, mixing letters, numbers, and symbols, using a string of words, making appropriate use of password analyzers, and generating passwords automatically.
Password cracking involves using unethical and unconventional methods of recovering passwords from data generated by or used in a computer system. Password cracking is a daily occurrence for many individuals and has even affected high-profile accounts. Password cracking has both good and evil uses; for instance, when a password is forgotten, there is a need to crack it before completely giving up on the application or program (Nam et al. 20). On the other hand, password cracking is used for bad when it is meant to harm or commit fraud.
Password Cracking
A password, in other words, is called a secret PIN, code, passcode, or a secret word used for authorization (Jarecki et al. 5).
According to Chanda and Katha, password cracking involves retrieving passwords through unauthentic information stored or sent through a computer system (126).
Password Cracking Methods
There are many types of password cracking methods. According to ShanmugaPriya et al., a password hash is obtained by running the password through an algorithm, a one-way mathematical calculation that produces a unique string (50). For instance, the password "password" can be run through the MD5 algorithm, one of the many cryptographic hash functions in use.
The hash of the word "password" is irreversible. It can be reproduced only by knowing the word and running it through the hash function, or by cracking it.
The Login Process
Most websites run a password through a cryptographic hash function, like the one illustrated below, before storing it in a database.
$Password = md5($_POST['password']);
In the above PHP line, the script takes the password submitted via $_POST and processes it with the MD5 cryptographic hash operation. The password is transformed into an MD5 value, which is held in the variable $Password and then stored in the database.
Now that the login details are stored, at the next login the PHP script will take the submitted password, run it through the hash function, and compare the result with the hash value in the database (Jarecki et al. 18). If the two match, the submitted password is the same as the one stored in the database, and the login succeeds. Here is an example:
// hash_equals() compares in constant time and avoids the loose == comparison
if (hash_equals($Stored_Password_Hash, md5($Submitted_Password))) { Login(); }
else { Display_Wrong_Login_Details_Message(); }
Password Salt
A password salt is a string added to a password before it is hashed. This string could be the user's username and the exact time the user signed up (Taneski et al. 86).
The salt makes the password longer and harder to crack, and it makes each stored password hash different from the others, even when two passwords are the same.
For example, if "1234567" was the password, MD5("random-salt"+"1234567") is the final hash, so if another user chose that same password, their salt would be different, and this would result in a different password hash value.
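The login check and the salted MD5 scheme described above, followed by PHP's built-in password_hash() as the hardened form; this is an added example, not code from the original essay. The helper names register_md5 and verify_md5, the in-memory $users array, and the sample accounts are assumptions made for illustration.

```php
<?php
// Added example: the users, passwords and helper names are constructed.

// The essay's scheme: hash = MD5(salt + password), one random salt per user.
function register_md5(array &$users, string $name, string $password): void {
    $salt = bin2hex(random_bytes(16));   // stored in the clear beside the hash
    $users[$name] = ['salt' => $salt, 'hash' => md5($salt . $password)];
}

// Login check: re-hash the submitted password with the stored salt.
function verify_md5(array $users, string $name, string $password): bool {
    if (!isset($users[$name])) {
        return false;                    // unknown user gets the same answer
    }
    $actual = md5($users[$name]['salt'] . $password);
    return hash_equals($users[$name]['hash'], $actual);  // constant-time compare
}

$users = [];
register_md5($users, 'alice', '1234567');
register_md5($users, 'bob', '1234567');  // same password as alice

// Unsalted, both accounts would store the identical value md5('1234567').
// Salted, the two stored hashes can be compared to confirm they differ.
var_dump($users['alice']['hash'] === $users['bob']['hash']);
var_dump(verify_md5($users, 'alice', '1234567'));   // correct password
var_dump(verify_md5($users, 'alice', '12345678'));  // wrong password

// Hardened form: password_hash() creates the salt itself, embeds it in the
// returned string, and uses a deliberately slow algorithm instead of MD5.
$stored = password_hash('1234567', PASSWORD_DEFAULT);
var_dump(password_verify('1234567', $stored));
var_dump(password_verify('7654321', $stored));
```

A salt keeps identical passwords from sharing a hash, but MD5 is still fast to compute, which is why the second half of the example uses password_hash().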
Dictionary Attack
A dictionary attack involves trying every word in a dictionary against a password hash value. The wordlist may draw on dictionaries of different languages, depending on the target. It may also be a list of the most commonly used passwords, which takes the least time to try.
Dictionary attacks are usually the first attack type used because most people create weak passwords due to the effort it takes to remember long and complex passwords. Due to this fact, dictionary attacks are effective at cracking the hashes such passwords generate.
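A countermeasure that follows from this: refuse, at sign-up, any password that a wordlist would cover. The check below is an added example, not part of the original essay; the wordlist, the sample passwords and the helper names variants and is_dictionary_password are constructed for illustration.

```php
<?php
// Added example: the wordlist, sample passwords and helper names are constructed.

// Small stand-in for a real list of common passwords.
const COMMON_WORDS = ['password', '1234567', 'qwerty', 'letmein', 'dragon'];

// Forms of the candidate that a wordlist with simple variations would cover:
// lowercased, without trailing punctuation, without trailing digits, and with
// common character substitutions undone.
function variants(string $password): array {
    $lower   = strtolower($password);
    $noPunct = rtrim($lower, '!?.#*');
    $stem    = rtrim($lower, '0123456789!?.#*');
    $subs    = ['@' => 'a', '0' => 'o', '3' => 'e', '$' => 's', '1' => 'l'];
    return array_unique([$lower, $noPunct, $stem, strtr($stem, $subs)]);
}

// True when any variant is a wordlist entry, so the password should be refused.
function is_dictionary_password(string $password, array $wordlist): bool {
    foreach (variants($password) as $v) {
        if ($v !== '' && in_array($v, $wordlist, true)) {
            return true;
        }
    }
    return false;
}

$samples = ['P@ssw0rd123!', 'Dragon2023', '1234567!', 'correct horse battery staple'];
foreach ($samples as $candidate) {
    $verdict = is_dictionary_password($candidate, COMMON_WORDS) ? 'reject' : 'accept';
    echo str_pad($candidate, 30), $verdict, PHP_EOL;
}
```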
Conclusion
With the fast growth of technology and other related areas, password security and strong passwords have become essential to protecting users' data. Password security is vital to achieve authentication for legal users and defense against illegal crackers. Passwords are essential in daily life. Passwords protect our e-mail, electronic communication, phones, ATM cards, online banking, wireless media, and encrypted data.
Passwords should be secured because bad things will happen if they end up with the wrong people. Therefore, this paper explores password cracking and the countermeasures against it, so that users can ensure they have a strong password.
Cite this page
Password Security - Free Essay Example. (2023, Dec 12). Retrieved from https://proessays.net/essays/password-security-free-essay-example