Peter Kodermac (2011) Weaknesses of too simplified user passwords. EngD thesis.
Abstract
This thesis is describing the meaning of passwords and dangers that ignorant users with simple passwords are faced with. One of the main purposes of this research is awareness and practical demonstration on how quickly one can find such users today. The first section represents various issues that can result from the abuse of personal information and passwords. Too many people provide personal information to untrusted websites or continuously use the same simple password. One of the main focuses is a method used to identify such individuals and uncover their passwords. The method used for achieving this goal is called dictionary attack. The method demonstrates how this can be achieved, together with suggestions on how to achieve better results. Further in the thesis, the results of this method are presented using a specific Fri-Info forum, along with the analysis of the passwords discovered as a result. Subsequent sections illustrate methods on how to effectively prevent automated processes as much as possible. In addition; the subject of bypassing such protection will also be covered. An application is also presented, which is capable of executing dictionary attack on Fri-Info forum. The composition and function of this application is discussed furthermore in detail together with additional scripts used by the same software. This application also lacks in some areas which are pointed out along with potential improvements. Lastly, the ending section will demonstrate different ways one can can anonymously uncover weak passwords through the means of whats we know as dictionary attack. The creation and/or use of such tools is illegal.
Actions (login required)