Common Password Attacks

Password is a secret key to authorize or authenticate a user. With the help of username and password, users can confirm their identity and access their confidential data.

Password attacks are common in these days. Some of the reasons for these attacks are our limited knowledge regarding password security. Lets looks at some common password attacks.

1. Dictionary Attacks

Dictionary attack is one of a common type in password attacks. Actually the “Dictionary” is a wordlist which contains pre-computed passwords.

2. Brute Force Attacks

In brute force attacks, attackers tries every combination of characters until the correct password is found.

3. Rainbow Table Attacks

Here, the rainbow table attack is carried out by using rainbow tables (contains pre-computed hash digests in a database) to crack the passwords.

4. Social Engineering Attacks

The attacker uses psychological techniques to trick users into revealing their credentials. Social engineering can be done through voice calls, emails, or even maybe in-person interactions.

5. Password Spraying Attacks

In this type of attack, a single password is tried against a large number of different accounts.

6. Keylogger Attacks

Here, the attacker uses a keylogger (keystroke collecting software) to grab the credentials of the victim.

7. Man-in-the-middle Attack

The attacker intercepts the communication between a victim and a legitimate website. Then the attacker acts as a “middleman” between the victim and the website, which allows the attacker to capture the victim’s credentials.

8. Credential Stuffing

In this type of attack, the attacker uses stolen credentials to gain unauthorized access to the victim’s accounts.