Password management/Password Cracking
Add or edit subsection:
|Section of||Password management|
- Last modified: 4 November 2013 20:34:17
- русская версия
- Russian version: Взлом паролей
- Last modified: 6 August 2013 17:18:21
A password is usually the first and often the last line of defense for information systems. Participants need to be convinced during this lesson that it is not reasonable or secure to have a weak password protecting important information nor is it a good idea to have one strong password protecting all the user's different accounts.
Discuss password profiling, social engineering attacks and installation of keyloggers, via email or drive-by downloaders.
Install Cain on a local machine and demonstrate the withdrawal of its local passwords.
Ask one of the participants to prepare a Word document with an easy password, and crack it using Advanced Office Password Recovery for example.
Ask the participants to test out their favourite password's security from http://www.cryptool-online.org/index.php?option=com_cto&view=tool&Itemid=159&lang=en
Explain the principles of brute force and the need for password complexity.
You'll need to prepare in advance for password cracking and make sure you've tested your software. You'll need Rainbow Table for opchrack. The trial version of AOPR can only crack 4 character passwords.