Crack (password software)

Crack is a program that is used to guess passwords on UNIX and UNIX -like systems. It was written by Alec Muffett 1991 and is now available in version 5.0.

Crack uses the / etc directory contained passwd file in which normally the passwords were contained encrypted. Crack guess passwords and look for login names that use a weak password. It also dictionaries can be used to be used for specific topics, for example, words ( dictionary attack ).

This attack can be done by, as the login shell for the file passwd has to be read out.

Because Password shadowing is used on most UNIX systems today, this program has lost some of its impact in this area, as the shadow file is not readable by all users and thus can not be copied.

The shadow file is also in / etc, but can not be read by the login shell, since the corresponding rights do not exist. Shadowing is made possible by a suite of programs that read the associated with the user name password from the shadow file and pass it to the login shell. This increases security at login.

Programs like crack are also used by administrators to prevent weak passwords when changing user passwords. Here, this program runs in the background and checks the new passwords entered, ie whether they appear for example in a dictionary. If this is the case, the entry of another password is required.