Dictionary Attack and Brute Force Attack: hacking passwords
HTML-код
- Опубликовано: 30 июл 2024
- In this video, I will talk about two hacking methods used by hackers to crack stolen our password even though they are stored in database in the format of digest. These two methods include dictionary attack and brute force attack. I will also talk about how they work, and minimum measures we should take to protect our passwords?
Playlist: Basic Cryptography
• Private Key Encryption...
Advanced Cryptography:
• What is digital signat...
Please leave comments, questions and
Please subscribe to my channel
Many thanks,
Sunny Classroom
As usual very informative and useful video, Sunny really you are so wonderful!
I am studying Networking where your videos help me a lot. Thank you so much
You are welcome!
Your explanation is simple and Clear. You are my favourite teacher
Greatly done Sunny...!!!
🏅🥇🎖
your way of teaching is adorable and understandable stuff.
Many thanks for your compliment.
Well done. Thank you for these videos.
Lovely content! Keep it up!
Many thanks.
0:10 intro music😍
is the attacker able to discover password length before jumping to dictionary attack , so that it would be easy to recover the password ? any thoughts
Another approach is to use passphrases - search for "xkcd passphrase". Also the advice to change your passwords frequently is disputed by some people. Finally, I think writing passwords on paper is not such a bad idea for accounts which are not so important (eg they don't give an intruder access to your personal or financial details).
The idea of paraphrase is that you are trying to meet two criteria:
1) Using human memory schemes to create entropy.
2) Make it long enough. Where trying to break it would be to costly.
Most people use ten or so characters for all their accounts. This data is public knowledge. Why, most people try to remember all their passwords. This is a human weakness. Hence why I advocate for password management tools. An encrypted file with random passwords in it. For the following reasons:
1) If you are using an encrypted file. Many files have extremely long or unlimited character sets and length. Most websites have limits and restrictions on both.
2) Those long ass passphrases. That you can keep in your head. These are your password management passwords.
3) A computer generated password provides more entropy than a human one. It is simple math.
So remembering all your passwords is not bad, but frankly: most humans suck at developing long strong and unique passwords hundred times over.
the preview of the next video might sound simple but it works
Sunny:
Good afternoon sir. I know this is a lot of work, but would you mind doing a video about Symmetric Algorithm methods? You do such a great job of explaining cryptography concepts in easy to understand ways. Thank you
Hi sir thanks for the content ....your way is lovely and simple and easy to understand ....your course is great that's why my IT teacher give me your channel name to watch your courses .....keep going sir....your courses are great ....thank you again :)
Thanks a lot for your nice comment. I will do my best to contribute a little to learning community. BTW, say thanks to your IT teacher. Have a nice wonderful summer!
Thank you sir ....have a good one too :)
Hi, your video is useful....very details explanation. Can you explain more on security proof? e.g. Game-based security proof/reduction proof. Thank you.
thanks sir you are new hope in my learning.....
Illustrations are helpful. Complicated theories explained in simple way.
Thanks a lot!
20 characters minimum (if the website or software in use allows that length), but preferably longer.
Hello ! Verry good content ! But for dictionary attack i can't seem to find part 1 and 2 ? Can you help me ? Thanks !
In dictforce attack you say that if the digests match we find the password, but how we convert the digest into plain text?as hash is a one way function.
A b s o l u t e l y Excellent as usual. Many many thanks.
You are just a good instructor. Kudo!
He is excellent instructor
Congrats on 100k!!!
Thank you so much 😀
Wouldn't the dictionary attack require that the attacker know what kind of hash algorithm (MD5, SHA-256) is being used on the target system/machine?
They generate different candidate tables based on different types of algorithms.
There plenty of tools that allow you to 'extract' hashes. From different types encrypted files. .zip and .7zip are but examples.
That is why you must choose a good password. extractes hashes are useless if you can not break them in any reasonable amount of time.
Thanks a lot teacher keep going
Ok see you next time Sunny!
hello sir we all understood your videos and you give us more knowledge , plzzzz some more make videos for information security subject!
sir, learned a lot from the video thanks . please direct me how can i brute force or dictionary for educational purposes?
In the words of Shrek,
"Ugggh, Thanks..."
You are welcome. I love the movie Shrek, especially Shred 2
@@sunnyclassroom24 Yeah Shred 2 is so good
If the password encryption agent uses a lockout system (such as iPhone, whereas after a few unsuccessful tries the phone locks), how would a brute-force approach work? or would it even work at all?
You are correct. However, the brute-force method is used to crack all digest databases they hacked. Hackers are not trying your cell phone or login pages.
I advice all beginers to what your vidéo, simple and clear
Many thanks, You are right. My videos try to introduce to beginners to the fundamentals of networking and security. I have about 50 more videos at this point in line to make. Many thanks for your encouragement.
Your vidéos are a trésor, if people discover you, i think you will have a huge followers.
I hope, that people interested in your domain, discover this GREAT WORK.
hello very nice content. you talk about password management and that you explain it in another video but i cannot find it. Can anyone help me here?
where can i get this Dictionary Attack ?
how do i download it or what?
Sir For Brute force attack Its having Specific Software or Its doing with Another Process???
there are many ways to do but the principle is the same: trial and errors
thankyou sir very muchh
You are too good
Sunny how are you? Do you offer private tutoring?
Sunny : offer private or group tutoring?
This video is very coool
شكرا جزيلا
Good afternoon everybody. Please assist to give the creation date of the brute force attack
can we get the continuation of this class please, how to save or protect your password.
Thanks a lot for your suggestions. Do you use Keepass program (free and open source) to manage your passwords?
I will. Many thanks for your comment and patience.
Seems simple. So the only different is that one uses a dictionary and the other doesn't?
Good afternoon everybody. Please assist to give the creation date of the Birthday Paradox Attack
Finally got some project ideeas. I promise i will not crack anything important, only my brother's WoW account(its not legit WoW)
The one where you describe how the password shall be,that cannot be good.As far as I KNOW I HAVE TO BE ABLE TO USE THE SAME PASSWORD EVRYWHERE
You can try to use keyword management software like KeePass to manage your accounts and your passwords. One password everywhere is not safe. For your safety, you need to have different password for different site. Thank you for your comment.
Good afternoon everybody. Please assist to give the creation date of dictionary attack
I'm looking for the video for the management of the passwords
Hi Sunny, your explanation is very clear and useful, thank you very much. Can u explain why at least 12 characters???
by calculation, 12 characters are safe for a while (like three months). Of course, the longer, the better.
Thanks for your reply
Thanks for your pretty cours :)
haha, what is "your pretty cours??"
it is so clear and simple
Plz can u teach me how to track digested password????
I love you
Thank you very much!
Will this get me arrested in the Middle East?
My Yahoo gmail got hacked. And I'm ready to brute force. But I don't wanna click Enter 😂
Lol. I don't think you can get in trouble for brute-forcing your own account
How can I hack Instagram password
CAN U do fro Momo@123
Hi iam new sub did you have discord
huck fb
you need salting
go ahead and set this a 1.5x's speed