When you create a password for a device (assuming it’s just for that device) the password gets stored somehow. The way it is often stored is through a hash which is a bit of math that is done to get a consistent and unique set of numbers and letters that represent that password.
For example:
Password123 becomes ABF375648234
Every single time that Password123 is entered ABF375648234 comes out as the result from that math. If you type password123 the outcome is E123FAAD89 so it doesn’t match which means the password is wrong.
So how do you crack the password if there is only a limited set of tries on the device? Well you grab the bit that stores the “hash” move it somewhere else and try until you get a matching output. You can try as many times as you want until you get the right output.
As a bonus: because most of these bits of maths allow for something called “collisions” which are basically a scenario where your input could be AsEooKB123777777 and the math still says ABF375648234 then that input would also be accepted. Which means that if you want to crack a password that is stored and compared in this way: you don’t necessarily have to guess the actual password which makes things easier because you can have multiple right answers.
This isn’t the only way, but it’s the most common one when talking about the “guess until you are right” approach to cracking a password.
Latest Answers