Password Attacks & Cryptography · intermediate · ~11 min
Explain offline cracking approaches and the tools, within legal limits.
Offline cracking tests guesses against recovered hashes at GPU speed (no lockout): dictionary (wordlists), rule-based (human-style mutations), mask/brute force, and hybrid, via Hashcat/John (CeWL builds wordlists; Hydra is online). Lab-only. Defenses: slow KDFs, length-based policy, breach screening, MFA.
Understanding how cracking works — and that fast hashes plus weak passwords make it trivial — motivates the storage and policy defenses, and is necessary to assess password posture in authorized engagements.
Offline vs online: hashes locally (fast, silent) vs live login (slow, lockout).
Dictionary/rules/mask/hybrid: guess strategies.
Tools: Hashcat, John, CeWL (wordlists), Hydra (online, lab-only).
Defenses: slow KDFs, length policy, breach screening, MFA.
When you legally recover password hashes (from a lab, or a breach you're authorized to assess), offline cracking tests guesses against them at high speed. This is lab-only and tied to explicit authorization.
password → P@ssw0rd!) — mimics how humans modify passwords.

Cracking exists because of weak passwords + fast hashes. The defenses you'd recommend: slow KDFs (prior lesson), strong/length-based password policy, breached-password screening, and MFA so a cracked password isn't enough. (This track's C exercise implements a tiny dictionary-cracking loop so you feel the mechanic.)
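The defender's side of rule-based guessing, as an added example (not the track's C exercise): a password-acceptance check that undoes the same human-style mutations before comparing against a deny-list, then applies a length policy. The deny-list entries, the substitution table, `MIN_LENGTH` and `MAX_LENGTH` are assumptions made for illustration; a real deployment screens against a breached-password corpus.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MIN_LENGTH 12   /* assumed policy minimum, not from the lesson */
#define MAX_LENGTH 128  /* assumed upper bound on input that gets screened */

enum pw_verdict { PW_OK, PW_TOO_SHORT, PW_BREACHED };

/* Constructed sample deny-list standing in for a breached-password corpus. */
static const char *DENYLIST[] = { "password", "letmein", "qwerty", "dragon" };

/* Undo one common character substitution and fold case. */
static char unleet(char c) {
    switch (c) {
    case '@': case '4': return 'a';
    case '3':           return 'e';
    case '1': case '!': return 'i';
    case '0':           return 'o';
    case '$': case '5': return 's';
    case '7':           return 't';
    default:            return (char)tolower((unsigned char)c);
    }
}

/* True if the first n bytes of pw, de-mutated, equal a deny-list entry. */
static int on_denylist(const char *pw, size_t n) {
    char norm[MAX_LENGTH + 1];
    for (size_t i = 0; i < n; i++) norm[i] = unleet(pw[i]);
    norm[n] = '\0';
    for (size_t i = 0; i < sizeof DENYLIST / sizeof *DENYLIST; i++)
        if (strcmp(norm, DENYLIST[i]) == 0) return 1;
    return 0;
}

enum pw_verdict screen_password(const char *pw) {
    size_t len = strlen(pw), base = len;
    /* Drop the digits and symbols people append ("!", "123", "2024"). */
    while (base > 0 && !isalpha((unsigned char)pw[base - 1])) base--;
    if ((len <= MAX_LENGTH && on_denylist(pw, len)) ||
        (base <= MAX_LENGTH && on_denylist(pw, base)))
        return PW_BREACHED;   /* reject regardless of length */
    return len < MIN_LENGTH ? PW_TOO_SHORT : PW_OK;
}

int main(void) {
    const char *s[] = { "P@ssw0rd!", "Dragon2024", "tr33", "correct horse battery staple" };
    for (size_t i = 0; i < 4; i++) printf("%-30s -> %d\n", s[i], (int)screen_password(s[i]));
    return 0;
}
```

The check runs on the plaintext at registration or password change, before it is hashed with a slow KDF for storage.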
Offline cracking applies dictionary, rule, mask, and hybrid guessing to recovered hashes at high speed — trivial against fast/weak hashes. It's strictly authorized-lab work, and it makes the case for slow KDFs, strong policy, and MFA.