Password attacks attempt to discover, or bypass, passwords used for authentication on systems and networks, and for different types of files. Some password attacks are sophisticated cryptographic attacks, while others are rather simple brute force attacks. If you’re planning to take the SY0-601 version of the Security+ exam, you should understand potential indicators to determine the type of attack.
For example, can you answer this question?
Q. While reviewing logs on a web server hosted by your organization, you notice multiple logon failures to an FTP account, but they’re only happening about once every 30 minutes. You also see that the same password is being tried against the SSH account right after the FTP account logon failure. What BEST describes what is happening?
A. Brute force attack
B. Dictionary attack
C. Plaintext attack
D. Spraying attack
More importantly, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.
An online password attack attempts to discover a password from an online system. For example, an attacker can try to log on to an account by repeatedly guessing the username and password. Many tools are available that attackers can use to automate the process. For example, ncrack is a free tool that can be used to run online brute force password attacks.
Offline password attacks attempt to discover passwords from a captured database or captured packet scan. For example, when attackers hack into a system or network causing a data breach, they can download entire databases. They then perform offline attacks to discover the passwords contained within these downloaded databases.
A primary indicator of online password attacks can be found in system logs that record successful and unsuccessful logons. These logs will show repeated attempts to guess passwords. In Windows systems, this is recorded as Event ID 4625 in the Security log available in Event Viewer. If the attacker enters the wrong password too many times, the system will lock the user account. This is recorded as Event ID 4740. The online labs show you how to create a custom filter to view these events.

Birthday Attacks
A birthday attack is named after the birthday paradox in mathematical probability theory. The birthday paradox states that for any random group of 23 people, there is a 50 percent chance that 2 of them have the same birthday. This is not the same year, but instead one of the 366 days in a year, including February 29.
In a birthday attack, an attacker attempts to create a password that produces the same hash as the user’s actual password. This is also known as a hash collision, as described earlier. Using the knowledge of the birthday paradox, the attacker doesn’t need to guess every possible password before discovering a collision. If the password could only be one of 366 possibilities, the attacker has a 50 percent chance of guessing it after only 23 attempts. Birthday attacks on hashes are thwarted by increasing the number of bits used in the hash to increase the number of possible hashes. For example, the MD5 algorithm uses 128 bits and is susceptible to birthday attacks. SHA-3 can use as many as 512 bits and is not susceptible to birthday attacks.
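To make the birthday bound concrete, here is an added Python example (not part of the original post) that computes the collision probability the paradox describes and then measures, empirically, how many hashes it takes to find a collision in a deliberately shortened digest. The digest is SHA-256 truncated to 8, 16 or 24 bits purely to make collisions reachable; that truncation is an assumption of the example and not a weakness of SHA-256.

```python
import hashlib
import random


def birthday_probability(samples: int, space: int) -> float:
    """Probability that at least two of `samples` uniformly random draws from a
    space of `space` values coincide: 1 - prod_{i<samples}(1 - i/space).
    With samples=23 and space=366 this is just over 50 percent."""
    no_collision = 1.0
    for i in range(samples):
        no_collision *= 1.0 - i / space
    return 1.0 - no_collision


def truncated_hash(data: bytes, bits: int) -> int:
    """SHA-256 of `data`, keeping only the low `bits` bits (toy digest size)."""
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest & ((1 << bits) - 1)


def hashes_until_collision(bits: int, seed: int = 1) -> int:
    """Hash random inputs until two different inputs share a truncated digest,
    and return how many inputs were hashed. The birthday bound predicts roughly
    sqrt(2^bits) hashes, far fewer than the 2^bits a brute force would need."""
    rng = random.Random(seed)  # fixed seed so the run is reproducible
    seen = {}
    count = 0
    while True:
        message = rng.getrandbits(64).to_bytes(8, "big")
        count += 1
        h = truncated_hash(message, bits)
        if h in seen and seen[h] != message:
            return count
        seen[h] = message


if __name__ == "__main__":
    print(f"23 people, 366 days: P(shared birthday) = {birthday_probability(23, 366):.3f}")
    for bits in (8, 16, 24):
        print(f"{bits:2d}-bit digest: collision after {hashes_until_collision(bits)} hashes "
              f"(sqrt(2^{bits}) = {2 ** (bits / 2):.0f})")
```

Running it shows collisions appearing after on the order of 2^(bits/2) hashes rather than 2^bits, which is exactly why the remedy in the text is a longer digest: every extra bit of hash length doubles the space, but only raises the attacker's expected work by a factor of about 1.4.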
Rainbow Table Attacks
Rainbow table attacks are a type of attack that attempts to discover the password from the hash. A rainbow table is a huge database of possible passwords with the precomputed hashes for each. It helps to look at the process of how some password cracker applications discover passwords without a rainbow table. Assume that an attacker has the hash of a password. The application can use the following steps to discover the password that matches the hash:
- The application guesses a password (or uses a password from a dictionary).
- The application hashes the guessed password.
- The application compares the original password hash with the guessed password hash. If they are the same, the application now knows the password.
- If they aren’t the same, the application repeats steps 1 through 3 until finding a match.
From a computing perspective, the most time-consuming part of these steps is hashing the guessed password in step 2. However, by using rainbow tables, applications eliminate this step. Rainbow tables are huge databases of passwords and their calculated hashes. Some rainbow tables are as large as 690 GB in size, and they include hashes for every possible combination of characters up to nine characters in length. Larger rainbow tables are also available using more characters.
Rainbow table attacks are often performed offline on stolen or compromised databases. In a rainbow table attack, the application simply compares the hash of each password in the database against hashes stored in the rainbow table. When the application finds a match, it identifies the password used to create the hash (or at least text that can reproduce the hash of the original password). Admittedly, this is a simplistic explanation of a rainbow table attack, but it is adequate unless you plan on writing an algorithm to create your own rainbow table attack software.
Salting Passwords
Salting passwords is a common method of preventing rainbow table attacks, along with other password attacks such as brute force and dictionary attacks. A salt is a set of random data such as two additional characters. Password salting adds these additional characters to a password before hashing it. These additional characters add complexity to the password, and result in a different hash than the system would create using only the original password. This causes password attacks that compare hashes with a rainbow table to fail.
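The following Python example is added here and is not code from the original post. It shows the four-step guessing loop from the rainbow table section beside a precomputed hash-to-password table, and then shows why a per-user salt makes the precomputed table useless. The wordlist is a constructed five-entry toy, and the table is a flat lookup dictionary rather than the chained, space-saving structure of a true rainbow table; SHA-256 is used only because it is in the standard library.

```python
import hashlib
import os
from typing import Dict, List, Optional

# Constructed toy wordlist standing in for the dictionary an attacker precomputes;
# a real table covers billions of candidates.
WORDLIST: List[str] = ["password", "letmein", "123456", "IL0ve$ecurity", "qwerty"]


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_lookup_table(words: List[str]) -> Dict[str, str]:
    """Do the expensive hashing once, up front, so each later lookup is a probe."""
    return {sha256_hex(w.encode()): w for w in words}


def crack_by_guessing(target_hash: str, words: List[str]) -> Optional[str]:
    """The four-step loop from the text: guess, hash, compare, repeat."""
    for candidate in words:                                  # step 1
        if sha256_hex(candidate.encode()) == target_hash:    # steps 2 and 3
            return candidate
    return None                                              # step 4 exhausted the list


def crack_by_lookup(target_hash: str, table: Dict[str, str]) -> Optional[str]:
    """Table attack: no hashing at attack time, only a dictionary lookup."""
    return table.get(target_hash)


def salted_hash(password: str, salt: bytes) -> str:
    """Prepend a per-user random salt before hashing. The salt is stored beside
    the hash and need not be secret; it only has to differ per password."""
    return sha256_hex(salt + password.encode())


def demo() -> Dict[str, Optional[str]]:
    """Crack the same password stored unsalted and salted."""
    table = build_lookup_table(WORDLIST)
    unsalted = sha256_hex(b"IL0ve$ecurity")
    salt = os.urandom(16)
    salted = salted_hash("IL0ve$ecurity", salt)
    return {
        "unsalted_by_guessing": crack_by_guessing(unsalted, WORDLIST),
        "unsalted_by_lookup": crack_by_lookup(unsalted, table),
        # The table was built without this salt, so the salted hash is not in it.
        "salted_by_lookup": crack_by_lookup(salted, table),
    }


if __name__ == "__main__":
    for label, result in demo().items():
        print(f"{label}: {result}")
```

The salted lookup fails because the attacker's table would have to be rebuilt for every distinct salt, which removes the whole benefit of precomputation. Note that a salt alone does not slow down a live guessing loop against a single stolen hash; that is what the key stretching in the next section is for.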
Key Stretching
Key stretching is an advanced technique used to increase the strength of stored passwords. Instead of just adding a salt to the password before hashing it, key stretching applies a cryptographic stretching algorithm to the salted password. The benefit of key stretching is that it consumes more time and computing resources, frustrating attackers who are trying to guess passwords.
Three common key stretching techniques are bcrypt, Password-Based Key Derivation Function 2 (PBKDF2), and Argon2.
Bcrypt is based on the Blowfish block cipher and is used on many Unix and Linux distributions to protect the passwords stored in the shadow password file. Bcrypt salts the password by adding additional random bits before encrypting it with Blowfish. Bcrypt can go through this process multiple times to further protect against attempts to discover the password. The result is a 60-character string.
As an example, if your password is IL0ve$ecurity, an application can encrypt it with bcrypt and a salt. It might look like this, which the application stores in a database:
$2b$12$HXIKtJr93DH59BzzKQhehOI9pGjRA/03ENcFRby1jH7nXwt1Tn0kG
Later, when a user authenticates with a username and password, the application runs bcrypt on the supplied password and compares it with the stored bcrypt-encrypted password. If the bcrypt result of the supplied password is the same as the stored bcrypt result, the user is authenticated.
As an added measure, it’s possible to add some pepper to the salt to further randomize the bcrypt string. In this context, the pepper is another set of random bits stored elsewhere.
PBKDF2 uses salts of at least 64 bits and uses a pseudo-random function such as HMAC to protect passwords. Many protocols and systems, such as Wi-Fi Protected Access II (WPA2), Apple’s iOS mobile operating system, and Cisco operating systems, use PBKDF2 to increase the security of passwords. Some applications send the password through the PBKDF2 process as many as 1,000,000 times to create the hash. The size of the resulting hash varies with PBKDF2 depending on how it is implemented. Bit sizes of 128 bits, 256 bits, and 512 bits are most common.
A weakness with PBKDF2 is that it can be configured to use less computing time and less RAM. While this may seem beneficial to users, it also makes it easier for attackers, allowing them to guess many passwords in a short amount of time.
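As an added example (not code from the original post), the Python below stores and verifies a password with PBKDF2-HMAC-SHA256 from the standard library, following the same store-then-compare flow the bcrypt passage describes. The stored string is self-describing (algorithm, iteration count, salt, hash), so the iteration count can be read back and a weak configuration rejected. The two iteration counts, the 16-byte salt, the `$`-separated storage format and the way the pepper is mixed in (appended to the password; HMAC-ing with the pepper is another common choice) are all assumptions of this example, not settings the text prescribes.

```python
import base64
import hashlib
import hmac
import os
import time

# Assumed work factors for illustration. The low value stands in for the
# "less computing time" configuration the text warns about.
WEAK_ITERATIONS = 1_000
STRONG_ITERATIONS = 600_000
SALT_BYTES = 16   # 128-bit salt, above the 64-bit minimum mentioned in the text
DKLEN = 32        # 256-bit derived key, one of the common sizes mentioned


def hash_password(password: str, iterations: int = STRONG_ITERATIONS,
                  pepper: bytes = b"") -> str:
    """Return 'pbkdf2_sha256$iterations$salt$hash'. The optional pepper is a
    secret kept outside the database (config file, environment, HSM); it is
    mixed in here but never stored alongside the hash."""
    salt = os.urandom(SALT_BYTES)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode() + pepper, salt,
                             iterations, dklen=DKLEN)
    return "pbkdf2_sha256${}${}${}".format(
        iterations,
        base64.b64encode(salt).decode(),
        base64.b64encode(dk).decode())


def verify_password(password: str, stored: str, pepper: bytes = b"") -> bool:
    """Re-run PBKDF2 with the stored salt and iteration count and compare in
    constant time, the same check the bcrypt passage describes."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != "pbkdf2_sha256":
        return False
    _, iterations, salt_b64, hash_b64 = parts
    dk = hashlib.pbkdf2_hmac("sha256", password.encode() + pepper,
                             base64.b64decode(salt_b64), int(iterations),
                             dklen=DKLEN)
    return hmac.compare_digest(dk, base64.b64decode(hash_b64))


def iterations_of(stored: str) -> int:
    """Read the work factor back out so a policy check can flag weak hashes."""
    return int(stored.split("$")[1])


def meets_policy(stored: str, minimum: int = STRONG_ITERATIONS) -> bool:
    return iterations_of(stored) >= minimum


def time_one_guess(stored: str, guess: str = "IL0ve$ecurity") -> float:
    """Seconds a single verification takes: the attacker pays this per guess."""
    start = time.perf_counter()
    verify_password(guess, stored)
    return time.perf_counter() - start


if __name__ == "__main__":
    for iters in (WEAK_ITERATIONS, STRONG_ITERATIONS):
        stored = hash_password("IL0ve$ecurity", iters)
        print(f"{iters:>7} iterations, policy ok={meets_policy(stored)}: "
              f"{time_one_guess(stored) * 1000:7.1f} ms per guess")
```

Running the script shows the weak configuration verifying in a fraction of a millisecond while the strong one takes a noticeable fraction of a second; that per-guess cost is the whole point of stretching, because it is paid once per login by the user but once per candidate by an attacker working through a stolen database.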
A Password Hashing Competition (PHC) in 2015 selected Argon2 as an alternative key stretching algorithm. Like bcrypt and PBKDF2, Argon2 uses a password and salt that is passed through an algorithm several times. Argon2 has been improved with each new version, with versions identified by a lowercase letter suffix, such as Argon2d and Argon2i.
Q. While reviewing logs on a web server hosted by your organization, you notice multiple logon failures to an FTP account, but they’re only happening about once every 30 minutes. You also see that the same password is being tried against the SSH account right after the FTP account logon failure. What BEST describes what is happening?
A. Brute force attack
B. Dictionary attack
C. Plaintext attack
D. Spraying attack
Answer is D. This indicates a password spraying attack. It loops through a list of accounts, guessing a password for one account at a time, and then guessing the same password for a different account.
In this scenario, the attack may be guessing passwords for other servers before it returns to the web server.
A brute force attack attempts to guess all possible character combinations for a password, and a dictionary attack uses a dictionary of words trying to discover the correct password.
A spraying attack could use either a brute force method or a dictionary method when guessing the password; however, these methods do not loop through a list of user accounts.
In a plaintext attack (also called a known plaintext attack), an attacker has samples of known plaintext and can use these samples to decrypt ciphertext that includes this plaintext.
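The log indicators described earlier (repeated failures, Event ID 4625 on Windows) and the spraying scenario in this question can be turned into a simple detection rule: a source that fails against many accounts a few times each, spread out over time, looks like spraying, while a source that fails many times against one account looks like brute force. The Python below is an added example, not from the original post. Its log lines are constructed in a simplified "timestamp service user source result" format; real sshd, FTP daemon or Windows 4625 records (where the fields of interest are TargetUserName and IpAddress) would need their own parser, and the thresholds are assumptions to tune for your environment.

```python
from collections import defaultdict
from datetime import datetime
from typing import Dict, List

# Constructed sample matching the question: the same source tries FTP and then
# SSH for one account, then moves to the next account about 30 minutes later.
SPRAY_LOG = """\
2024-05-01T08:00:00 ftp alice 203.0.113.7 FAIL
2024-05-01T08:00:02 ssh alice 203.0.113.7 FAIL
2024-05-01T08:30:00 ftp bob 203.0.113.7 FAIL
2024-05-01T08:30:01 ssh bob 203.0.113.7 FAIL
2024-05-01T09:00:00 ftp carol 203.0.113.7 FAIL
2024-05-01T09:00:02 ssh carol 203.0.113.7 FAIL
2024-05-01T09:30:00 ftp dave 203.0.113.7 FAIL
2024-05-01T09:30:01 ssh dave 203.0.113.7 FAIL
2024-05-01T09:31:00 ssh erin 198.51.100.9 OK
"""

# Constructed sample of a brute force attack: 40 failures against one account
# inside a single minute, then a success.
BRUTE_LOG = "\n".join(
    f"2024-05-01T08:00:{i:02d} ssh admin 203.0.113.7 FAIL" for i in range(40)
) + "\n2024-05-01T08:01:00 ssh admin 203.0.113.7 OK\n"


def parse_log(text: str) -> List[dict]:
    """Parse the simplified format into event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, service, user, source, result = line.split()
        events.append({"ts": datetime.fromisoformat(ts), "service": service,
                       "user": user, "source": source, "failed": result == "FAIL"})
    return events


def classify_source(events: List[dict], source: str,
                    brute_threshold: int = 10,
                    spray_min_accounts: int = 3,
                    spray_max_per_account: int = 2) -> str:
    """Label one source IP from its failed logons on this host."""
    failures = [e for e in events if e["source"] == source and e["failed"]]
    if not failures:
        return "no failures"
    per_user: Dict[str, int] = defaultdict(int)
    for e in failures:
        per_user[e["user"]] += 1
    # Many accounts, few attempts each: one password walked across a user list.
    if len(per_user) >= spray_min_accounts and max(per_user.values()) <= spray_max_per_account:
        return "spraying"
    # One account hammered repeatedly: brute force or dictionary guessing.
    if max(per_user.values()) >= brute_threshold:
        return "brute force"
    return "inconclusive"


def report(text: str) -> Dict[str, str]:
    """Verdict per source IP seen in the log."""
    events = parse_log(text)
    return {src: classify_source(events, src)
            for src in sorted({e["source"] for e in events})}


if __name__ == "__main__":
    print("spray sample:", report(SPRAY_LOG))
    print("brute sample:", report(BRUTE_LOG))
```

Because a spraying source touches each account only once or twice, per-account lockout (Event ID 4740 on Windows) never triggers, which is why the rule keys on the number of distinct accounts per source rather than on failures per account. The explanation above also notes the attacker may be cycling through other servers between attempts, so the per-host verdict is stronger when the same source's failures are correlated across hosts in a central log store.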
See Chapter 10 of the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide for more information on implementing secure systems.