Password Attack Challenge

Overview

Passwords are an important, yet overlooked component of maintaining proper security posture. According to the NIST 800-63 Password Guidelines, a password should be at least 8 characters minimum, use all ASCII characters, support a 64 character maximum length, but should not be too complex due to causing poor password behavior in the long run.

Considering these points, create a list of passwords, ranging in character type variation, complexity, and length. Use a password cracking tool such as Brutus, John the Ripper, THC Hydra and see what lists of passwords can be in a relatively short period of time.

Project Recommendations

It is recommended you have familiarity with Linux, how to install software, formidable researching and exploratory skills.

Starting Resources & Links

• NIST 800-63 Password Guidelines
• Brutus
• John the Ripper
• THC Hydra
• 10 Most Popular Password Cracking Tools – InfoSec Institute

Recommended Level

Beginner

Project Author Credit: None – General Project Idea