Password Attacks

It makes the application run slower.

It requires more storage space.

Anyone with access to the password file or database can read all credentials.

It prevents users from changing their passwords frequently.

It can be easily reversed to recover the original password.

It represents data as a fixed-length string of text.

Different inputs will always produce the same hash.

It is primarily used for encryption, not integrity.

To lock out as many user accounts as possible.

To identify accounts with common, weak passwords without causing lockouts.

To encrypt user passwords for secure storage.

To gain access to a single, specific high-value account.

Offline attacks are faster due to higher network bandwidth.

Offline attacks are less likely to cause account lockouts or trigger alarms.

Offline attacks require less computational power.

Offline attacks can only be performed on encrypted passwords.