Welcome to Hands-on Password Attacks and Security

Passwords have become the top authentication factor in today’s world. You use it in combination with an email or username to sign into almost any service. Big Corporations like Google, Microsoft, Amazon, and Facebook still widely use passwords as an authentication mechanism today. But how secure are passwords?

This course focuses on the practical attacks that malicious users use to crack passwords, how you can use this attack in a penetration test, and how you can prevent them. We will very briefly cover the basics of cryptography, hashing and entropy and then immediately go on to crack different types of passwords using different methodologies.

Over the next 2 week you will learn:

• how to set up a small environment for security testing
• how to bypass passwords using Brute Force Attacks, Dictionary Attacks, Rainbow table attacks and keyloggers
• how to use different tools to perform password attacks
• how to prevent Brute Force Attacks, Dictionary Attacks, Rainbow table attacks and sniffing via keyloggers how to create strong passwords that you will never forget
• about tools to help you prevent password attacks and/or create a strong password

This course is being presented by Zanidd. Zanidd has over 8 years’ experience as a Full Stack Software Engineer and a System Engineer, and over 2 years’ experience as a Penetration Tester. He has been teaching users about hacking, security and software engineering on his YouTube channel for 4 years.

This course contains several practical demonstrations for you to follow along. The best way to learn is by doing, so where we would like you to try out what has been demonstrated or discussed, we will indicate this with ‘over to you’.

Course roadmap

This course is designed to give you the knowledge, the skills to identify, mitigate and prevent cyber security related issues. You will gain this knowledge and acquire these skills over two weeks. The course structure is shown in the roadmap below.

Technical requirements

To complete this course, you will need:

• Operating system: Mac, Linux, Windows
• Browser: Firefox, Chrome
• VirtualBox, Latest Version
• Windows 10 Developer or Evaluation VM for [VirtualBox] (https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/)
• Kali ISO

Learning outcomes this week

We will start this week by focusing on what password security is, and the types of password attacks.

By the end of this week, you will be able to:

• identify how to prevent password attacks
• describe when password cracking is permissible
• describe the basics of entropy, hashing, and cryptography for password security
• explain how to crack a password
• explain how to set up a small environment for security testing
• describe brute force attacks, dictionary attacks, rainbow table attacks and keyloggers
• explain how to bypass passwords using brute force attacks, dictionary attacks, rainbow table attacks, and keyloggers

Working together For this course, it is really important that you take the time to share comments and interact with others on the course. The educators from your videos will not be providing feedback as you move through the content, but you and other users should work together to discuss what you are learning and to support each other.

Next steps When you are ready, you can mark this step as complete and move on to the next step, ‘Has Your Password Even Been Hacked?’ to begin.