Press "Enter" to skip to content

Brute-force attack – demo

Published 19. 12. 2018


What is a brute-force attack? Simplified, it’s actually trying out all possible combinations of characters to break the password. It’s time consuming, so it’s inefficient for long passwords.
How long it would take to calculate it here.
Try with the short passwords in the demo below. The procedure is as follows:

  1. You can choose your username and password (only lowercase letters and up to three characters long), then click the “Register” button. This simulates registration on a server (the name and password are stored in the database).
  2. Click the “Run” button: this will trigger the attack – the program tests the character combinations in the “Password” field in the “Login” section (simulation of the login form).
  3. Once you’ve found the combination, you can try logging in with the “Login” button.

Basic info about creating passwords below.

Register

Choose username:

Password (max. 3 lowercase letters)

* Brute-force attack is time and resources consuming, it would take too long in the web browser

Login

Username

Password

Brute-force


Server database

Username
Password

 
 

Passwords

Basic rules for safer password

  • As long as possible
  • Upper- and lower-case letters, numbers and special characters
  • Random
  • Unique for each service
How to?
  • Password generator
  • Diceware
  • Password manager
  • Multifactor authentication
In case you don't know how to set up these, come to Digital self-defense workshop or meet in person for consultancy

Published in Blog, nástroje and Techniky hackerů