So I get the more complicated and long the password the harder it is to brute force, but do these programs start with like 111aaa and then go to like 111aab and so forth. Or, are they just trying every combination randomly? If the latter, isn’t there a chance (a very small one) that if it is kinda random that they could break a really good password on like the first try? Similar to winning the lottery? If it’s not random, that has its own issues. I don’t get it. Help.
In: 0
>but do these programs start with like 111aaa and then go to like 111aab
That’s the idea. The most basic of brute force password crackers actually starts at 1, and then goes to 2, then 3, and so forth, before getting to 0 and switching to letters.
Even for a brute force approach, it’s not ideal. More typically, they’ll have a small dictionary of, say, the 10,000 most commonly used passwords and start with those and then, if they know the minimum and maximum password lengths, it’ll “skip ahead” to the most basic of those and start there.
The key is that a brute force approach can try thousands or hundreds of thousands of passwords per second. The defense, of course. is to not allow that, but, sometimes, some places just don’t.
>Or, are they just trying every combination randomly? If the latter, isn’t there a chance (a very small one) that if it is kinda random that they could break a really good password on like the first try?
Some do, although it’s not quite “random”, it’s close enough, and yes. They could win the lottery and get it on the first go. It’s even more unlikely than actually winning the lottery, but it is possible.
Latest Answers