Password Attacks

Question 1

Brute force

Answer 1

an attacker systematically tries every possible combination of passwords until the correct one is found

Question 2

Dictionary Attack

Answer 2

This method involves using a pre-defined list of words or phrases (the “dictionary”) to guess passwords

Question 3

Credential stuffing

Answer 3

In this attack, an attacker uses stolen username and password pairs from one service to gain access to accounts on other services

Question 4

Phishing

Answer 4

tricking users into providing their passwords

Question 5

Keylogging

Answer 5

type of malware that records keystrokes on a victim’s device

Question 6

Social engineering

Answer 6

involve manipulating individuals into revealing their passwords, often through deceitful tactics

Question 7

Rainbow Table Attack

Answer 7

precomputed tables for reversing cryptographic hash functions. If an attacker gains access to hashed passwords, they can use rainbow tables to find the corresponding plaintext passwords quickly.

Question 8

Man-in-the-Middle (MitM) Attack

Answer 8

attacker intercepts communication between the user and the server

Question 9

Password Reset Attack

Answer 9

Attackers may attempt to reset a user’s password by exploiting vulnerabilities in the password recovery process, such as answering security questions that may be publicly available information

Question 10

Password spraying

Answer 10

type of brute force attack where an attacker attempts to gain unauthorized access to multiple accounts by using a few commonly used passwords