top of page

How Do Hackers Hack Passwords!

What is hashing algorithm?

Hashing algorithm takes your plain text password (123456) and changes the plain text to hashed text form (bh46whb74u6hwb46j56h) which can't be found makes it hard to find.

their are so many hashing algorithm like SHA-1, SHA-256, MD5, Tiger, CRC32, etc....

Take an example like you are creating an account on Instagram, Instagram will ask or email, next username and last password, you have kept your password as 123456

the email, username, will be the same but in the company database but the password will be in hashed text. the company will have a hashed text form of your password.

if the Instagram database has been leaked or hacked. the hacked may have your login details but can't login into your account because they don't have your original password, they have your hashed text form password.

Hackers have hacked big companies' like apple, domino's, twitter, Facebook, Uber and their database has been leaked

Now hackers have your hashed form password,

The first technique hackers will use to crack the password is

Rainbow table-

In internet their are so many tables which contain the most commonly used password and their hashed text form, hackers will give the hashed text and make the match with the password which exists in the rainbow table. so, the company will say to keep the password different then the commonly used password example: 123456,password, etc..

this fails the hacker will go to the next method

Dictionary attack-

In this method hackers will get the commonly used text and combine with others related words and give it to a software that tries only those possibilities that are most likely to succeed.

Even if this fails, hacker use next method

Brute-force attack-

Hacker will give a guess list of username and password combinations and the software will try to repeat login until one of them is successful, but it can take a computer like 1QT years to find it

so, to get rid of this three technique is to keep a strong password.

the company will use a security technique called salting. every company have their private set of character named salt. For example, your password is 123456 when the company adds salt to it, it will be like 12wss34wss56 and keep it in the database. if the hacker hacks the database he will get the salt hashed password which will be tougher for the hacker to crack it, he can only crack it if he knows about the company salting.

This are the some of the basic hacking techniques.

bottom of page