Password is a secret key to authorize or authenticate a user. With the help of username and password, users can confirm their identity and access their confidential data.
Password attacks are common in these days. Some of the reasons for these attacks are our limited knowledge regarding password security. Lets looks at some common password attacks.
1. Dictionary Attacks
Dictionary attack is one of a common type in password attacks. Actually the “Dictionary” is a wordlist which contains pre-computed passwords.
2. Brute Force Attacks
In brute force attacks, attackers tries every combination of characters until the correct password is found.
3. Rainbow Table Attacks
Here, the rainbow table attack is carried out by using rainbow tables (contains pre-computed hash digests in a database) to crack the passwords.
4. Social Engineering Attacks
The attacker uses psychological techniques to trick users into revealing their credentials. Social engineering can be done through voice calls, emails, or even maybe in-person interactions.
5. Password Spraying Attacks
In this type of attack, a single password is tried against a large number of different accounts.
6. Keylogger Attacks
Here, the attacker uses a keylogger (keystroke collecting software) to grab the credentials of the victim.
7. Man-in-the-middle Attack
The attacker intercepts the communication between a victim and a legitimate website. Then the attacker acts as a “middleman” between the victim and the website, which allows the attacker to capture the victim’s credentials.
8. Credential Stuffing
In this type of attack, the attacker uses stolen credentials to gain unauthorized access to the victim’s accounts.