£199.99 £139.99 for one year of Unlimited learning. Offer ends on 14 November 2022 at 23:59 (UTC). T&Cs apply

Find out more
Cracking Weak Passwords
Skip main navigation

Cracking Weak Passwords

In this video, Zanidd will explain why weak passwords are best cracked by brute force attacks. Watch him set a custom configuration to do so.
Hello, world. I’m Zanidd, and welcome back to the Hands On Password Cracking and Security course. In this video, you will break your first weak password with a custom configuration. Why are we bothering with weak passwords? They’re easy and fast to crack and if they’re random they’re only breakable with brute force attack. It’s where they shine. For this exercise, the password will be ffz6.
This password is not to be found in any dictionary, wordlist, rainbow table, which makes it the perfect example for a brute force attack. This password can, of course, be broken with the default alnum mode but since we know its exact length, we can make a custom mode that could break it even faster.
You can find the two files in the Git repository that we cloned from the first lesson.
There are two files: one is called alnum_ffz6_md5, and the other is custom_ffz6_md5. They both contain the same MD5 hash of the password ffz6 but you have to crack both of them. Use the alnum mode for the alnum file and the custom mode for the custom file and compare how long it took for both of them to break the password.
Have fun with the exercise. In the next video, we will crack a real password that was once used by a real person.

This video will look at why weak passwords are best cracked by brute force attacks. How to break a weak password with a custom configuration will be demonstrated.

Why start with weak passwords? Well, these are easy and fast to crack, and a good place to start before moving on to more difficult examples.

Over to you: Crack your first weak password using a brute force attack. Report back on the experience in the Comments section below.

This article is from the free online

Advanced Cyber Security Training: Hands-On Password Attacks

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education