Password crackers have access to more stolen passwords and better password hacking software and tools than ever before.
Experts agree that it’s long past time for companies to stop relying on traditional passwords. They should switch to more secure access methods like multi-factor authentication (MFA), biometrics, and single sign-on (SSO) systems. According to the latest Verizon Data Breach Investigations Report, 81 percent of hacking-related breaches involved either stolen or weak passwords.
First, let’s talk about password hacking techniques. The story is different when the target is a company, an individual, or the general public, but the end result is usually the same. The hacker wins.
Breaking passwords from hashed password files
If all a company’s passwords are cracked at once, it’s usually because a password file was stolen. Some companies have lists of plain-text passwords, while security-conscious enterprises generally keep their password files in hashed form. Hashed files are used to protect passwords for domain controllers, enterprise authentication platforms like LDAP and Active Directory, and many other systems, says Brian Contos, CISO at Verodin, Inc. (Source :ITnews)