Questions tagged [dictionary]

A dictionary is a list of possible or common passwords used to crack passwords in a brute-force attack. Such an attack is known as a dictionary attack.

81 questions
1
vote
1 answer

Are there any methods available other than brute force and dictionary attacks?

I am curious to know about the wifi attacks. And I have known a little bit about brute force attack and dictionary attack. Are there any other methods available other than these two...?
Vignesh
  • 11
  • 1
1
vote
2 answers

How long does it take to compute hashes using the MD5 hash algorithm?

1) If one iteration of MD5 takes x seconds, is it safe to assume that n iterations of MD5 takes n * x seconds? 2) Will salted and unsalted versions of md5 hash algorithms take approximately the same amount of time to compute?
user9355495
  • 245
  • 3
  • 5
1
vote
1 answer

What layer do dictionary attacks take place on?

This may be a stupid question, but I'm fairly new to cyber security and networking and I'm looking into different types of attacks. I was wondering if dictionary attacks only took place on the application layer, or if it is used for other layers as…
1
vote
1 answer

Passwords - extended dictionary vs dictionary attacks

Taking inspiration from Diceware and the other passphrase generators, I took a dictionary of 20k English words and used a script to generate typos of them, resulting in 7M "words", giving 22.7 bits of entropy per word compared to Diceware's 12.9. 5…
EPICI
  • 363
  • 2
  • 8
1
vote
1 answer

How to defend against attacker without affecting other users of same NAT gateway

I am implementing a web service and have a daemon process that notices repeated failed login attempts from any given source. If too many occur the IP address is blocked for a given time. This is similar to the fail2ban or (now deprecated) denyhosts…
AlanObject
  • 525
  • 3
  • 8
1
vote
2 answers

How to Generate a Custom Dictionary Password List

I want to generate a password list that has 8 characters like this: Characters are: Pp|Aa|Ss|Ww|o0|Rr|Dd First character only can be Pp, second Aa@, .... to end. How can I make this list using crunch or similar scripts?
MinLo
  • 13
  • 3
1
vote
3 answers

Creating a wordlist knowing parameters

I need to crack my own router password. Advantage is that I know possible characters and maximum length. What I need is to create a dictionary. The dictionary should contain all the combos of characters that I choose. I know that the maximal length…
Cornul11
  • 13
  • 4
1
vote
1 answer

Crunch wordlist

I am trying to set up a wordlist of 8 character words where: the first letter is a capital 'WXCVBN' the next three are lower case 'wxcvbn' the next three are numbers between '123456' the last character has to be '*' or '!'. I've been trying for…
Lorenzo
  • 21
  • 3
1
vote
0 answers

Password Strength: Compound Words

I’m familiar with XKCD’s Correct Horse Battery Staple example but I am wondering about one aspect of password strength. Dictionary words are an easy target for password crackers. If you compound a word, such as batteryhorse which clearly is not in…
Manngo
  • 131
  • 3
1
vote
2 answers

How does a dictionary attack use its "words"?

Does it assemble/concatenate the dictionary elements into candidate passwords, or does it just use the dictionary elements/words as passwords (which sounds strange)? I'm wondering about "SmartKey ZIP Password Recovery Professional".
LenG
  • 21
  • 3
1
vote
0 answers

Inserting XSRF header token in Hydra

I'm trying to break a login form with Hydra. The site is built with the Angular framework, and an XSRF token must be sent through the header and through the POST request. I notice that the XSRF token is already being sent by Hydra through the…
John
  • 11
  • 2
1
vote
2 answers

Are password-guessing attacks a real threat?

There are tons of questions, answers, articles, papers, cartoons etc. on the subject of how to choose a password in such a way that it's difficult to guess or crack with a dictionary-based attack. I don't understand why a system would allow me to…
SantiBailors
  • 391
  • 2
  • 11
1
vote
1 answer

Is it secure to allow an account to use `test123!` as their password?

I'm working on tightening up security for the auth layer of my app and I'm currently making a call on the complexity I'll require for passwords. Is there a 'standard' recommendation for complexity? The current requirement is like so: 8 char…
AJB
  • 316
  • 2
  • 12
1
vote
2 answers

Incremental charset with no duplicate adjacent letter

I'm using John the Ripper and the following charset in the creation of a word list: [Incremental:Upper8] File = $JOHN/upper.chr MinLen = 8 MaxLen = 8 CharCount = 36 The command: john --stdout --incremental=Upper8 > wordlist.txt I want to create a…
Ankh2054
  • 165
  • 2
  • 10
0
votes
2 answers

Showing CAPTCHA

I'd like to show a CAPTCHA to prevent brute forcing attempts, but I was thinking of showing it whenever a user fails for an invalid username/password combination after X attempts, regardless of whether that user exists in the database or not. The…