Hands-on Project 7-1

Introduction

"A rainbow table is a compressed representation of plaintext passwords
that are related and organized in a sequence (called a chain).

To create a rainbow table each chain begins with an initial password that is hashed, and then that hash is fed into a function that produces different plaintext passwords. This process is repeated for a set number of rounds. The initial password and the last hash value of the chain comprise of a rainbow table entry.

First, the password to be broken is hashed and then that hash is run through the same procedure used to create the intial tables. This results in the initial password of the chain. Then it is repeated starting with this intial password until the original hash is found. The password used at the last iteration is the cracked password." (2009, Mark Ciampa)

3 characteristics of strong password

1) longer than 14 characters
2) includes mixed case of alphabets and numbers
3) includes symbols or spaces (if the program allows)

=============================================

Homepage of Ophcrack


















Click on 'Windows' to start downloading


















Click 'Run' to install after downloading

















Installing Ophcrack




















Select the table that you want to download




















Opening screen of Ophcrack



















Homepage of Objectif Securite



















Type the password in the textbox and submit


















Copy the hash value to clipboard



















After selecting the table that you have downloaded, select 'Single hash'



















Copy and paste the hash value into the highlighted area


















After clicking on 'Crack', the results of "12345" will appear

=============================================

Reflection

It is advisible to use longer passwords more than 14 characters that includes numbers, symbols, different cases of aplhabets and even spaces inside the password if the program allows. This decreases the possibility of having your passwords cracked easily by the hackers just by using rainbow tables.Even though passwords are being hashed, but it is still not safe, as there are also programs developed to crack the hashed passwords.

In order to be safe than sorry, users can visit websites like Ophcrack and Objectif Securite to check whether one's password can be easily cracked by rainbow tables anot, and change accordingly.