While reviewing logs, you encounter multiple entries containing user passphrases in a disguised format. Which method best reveals the actual passphrases from these stored codes?
Adopt a different cryptographic protocol to force the disguised entries to revert to plaintext
Log key presses on each workstation for a period of time
Use a specialized offline dictionary procedure to generate passphrase guesses and compare them to the stored codes
Alter the infrastructure to store passphrases in an unencrypted format for new accounts
Offline dictionary attempts compare hashed user secrets to systematically generated passphrase candidates, which helps uncover valid passphrases. Modifying storage for future accounts or capturing keystrokes does not apply to existing disguised entries in the logs. Changing protocols does not force previous entries to become readable.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an offline dictionary attack?
Open an interactive chat with Bash
Why are hashed passphrases stored instead of plaintext?
Open an interactive chat with Bash
What role does a cryptographic hash function play in securing passwords?