Password crackers are programs that hit a server repeatedly until a working username/combination appears.
Hackers use password crackers, including the free Brutus Password Cracker, to gain access to sensitive company documents.
But consumers use these tools too. If you’ve forgotten your password to a website and have nowhere to turn, you might deploy a solution like this to help you gain access.
What Is Password Cracking?
< Organizations use sophisticated techniques to keep passwords secret. For example, few companies store usernames/passwords in legible sheets on the server. Instead, they scramble them with hashes to make them impossible to read. A password hacker undoes all of this work.
Password crackers use one of several techniques, such as:
- Dictionary lookups. The system begins with a list of known words and begins to substitute one letter at a time until the proper combination appears.
- Guessing. In brute-force attacks, a program tries all conceivable combinations.
- Hybrid. The system can use both techniques, depending on the complexity of the password.
Cracking passwords can take days, especially if the rules specify long terms with plenty of special characters. But programs make the work really easy.
This is why Okta recommends secure adaptive multifactor authentication. That way, users aren’t relying on a single point of failure for authentication.
A user simply identifies the website, enters a few important details, and deploys the program. It can run in the background while the user does other things on the same computer.
Password Hacker Tools
It's too expensive and time-consuming for most people to build a password cracker. Instead, they lean on solutions others have built and tried.
These are a few password crackers we've seen others use and recommend:
It’s perfectly legal to download these tools and use them on passwords you own. Experiment away! You’ll discover just how easy it is for a hacker to get into sites you thought were secure and private.
But as tempting as it might be, don’t use these tools on passwords you don’t own. You’ll step right into hacker territory, and that could prompt law enforcement to knock on your door and ask intrusive questions.
Password Cracker Protections
Password cracking tools aren't made just for hackers. You might use them to help recover passwords you've lost or forgotten. You might also use them against a hacker. If your account was stolen, for example, you could use a tool and steal it back.
But keeping password crackers in mind is wise. The more you know about how these tools work, the better you can protect your information.
Start with password strength. Follow a few rules:
- Do make your password long. Aim for about eight characters, if not more.
- Don't use common passwords like "password" or "1,2,3,4."
- Do use special characters like $ and * to replace recognizable letters.
- Don't make your password so complicated that you'll never remember it.
- Do get creative and innovative when you write.
- Don't include details, like your pet's name or your address, that people can discover on social media.
Your company may have specific rules about how your passwords should work. Follow those guidelines carefully, even when you're tempted to cheat. If you absolutely can't come up with good passwords (or remember them), consider a password tool.
With the perfect password created, think about storage. Don't keep your master list in a space a hacker could find. For example, in a 2021 breach of more than 26 million login credentials, researchers discovered that many victims stored all their passwords in text files. Don't do this.
Consider your password a valuable and irreplaceable asset. Don't share it with anyone else, and don't put it in a spot hackers can find and steal.
Mystery Malware Steals 26M Passwords From Millions of PCs. Are You Affected? (June 2021). Ars Technica.