Classifications of Password Cracking in Cyber Security
Password cracking can be classified into three types:
- Online attacks
- Offline attacks
- Non-electronic attacks (social engineering, shoulder surfing, dumpster diving etc)
Online attacks
In an online attack, the attacker uses a program or a script which tries passwords one-by-one on the target machine. The attacker is directly connected to the target machine directly as shown below or to an intermediate server to which the victim connects. The famous online attack for password attacking is the Man-In-The-Middle (MITM) attack or also called a bucket-brigade attack or as Janus attack.
Offline attacks
In an offline attack, the attacker generally tries to attack a target machine which is at another location. There is no connection between the attacker and the target machine. In this attack, the attacker obtains the password hashes from the victim machine (through physical access) and then tries to crack the hashes at a remote location. The disadvantage between online and offline attacks is, the offline attack requires physical access to the target machine.
Comments
Post a Comment