Password cracking isn’t just about putting strings into the password bar until one comes out right.
In order for passwords to work, the application using them has to store them, but storing them in plaintext can be incredibly risky, so they’re instead hashed before they ever get sent anywhere, let alone stored anywhere. Hashing is a form of encryption where the same plaintext will always output the same hash, but 2 different strings never should.
Hashing is designed to be impossible to decrypt, and it does it’s job well on that, but it can still be risky should that hash ever get leaked. People have made applications that can rapidly translate millions of possible strings and compare the output to the proper hash until one yields the same result.
It’s these applications that password cracking is built on; the application will tell them the match and then they just input the correct information on the first try.
Latest Answers