- Brute-force attack is a basic type of password recovery attacks. Password candidates are generated sequentially based on charset and length selected. The easiest way to imagine it is a 4-digit, pin-like password. All numbers from "0000" to "9999" are a part of brute-force attack based on "0123456789" charset with the length of 4 for this password.
- Brute-force attack with a big charset and a long length can be used to recover virtually any password, but the time required for this attack is beyond any reasonable timeframe, thus it is important to use all additional details known. For example, a person's birth year can be guessed with a full brute-force search from "0000" to "9999", but it is obviously not the best way to do it. There is why mixed attacks are available and multi-position modifications can be used to mix in 1 or 2 capital letters or special chars.
- Even if brute-force search is necessary, there are filtering options available to limit number of equal chars in sequence or in total. Simply, by filtering numbers with equal digits we can limit search range from 10000 down to 5040 combinations for the 4 digits example shown above.
- "Ignore Case" filtering option is used to control letter count. For example, "AaAa" is 2x'A' + 2x'a' without "Ignore Case" and 4x'A=a' with this option enabled.
Copyright © 2003-2017 Thegrideon Software.
All trademarks, logos, product names & pictures mentioned or displayed herein are the property of their respective holders.