Thursday, March 29, 2012

Is It Possible To Crack A Facebook Account?

We have discussed alot about popular password cracking methods such as Bruteforce, Dictionary attack and Rainbow tables. However a question I get asked frequently is if it's possible to crack a Facebook account. So I wish to clear concepts related to Hacking/Cracking Facebook accounts. First of all "Hacking a Facebook account" and "Cracking a facebook account" are both different terminologies.

Hacking a facebook account refers to foolproof methods such as Phishing, keylogging, Social engineering etc.
However the terminology cracking refers to the methods such as Bruteforce, Dictionary attacks etc.

Brute Force Attacks


Bruteforce is one of the most common and most reliable password cracking methodologies. A bruteforce attack tries all possible combinations against the medium, until the correct password is found. However the problem with a bruteforce attack is that as the password complexity increases, the time taken to crack a password also increases.

The chart above illustrates the time the estimated time taken by a computer in order to bruteforce a password, assuming that if it's capable of trying 10,000 passwords per second. However, the time taken can be reduced by adding the number of processors to the task. Therefore the only flaw with the attack is that it requires lots of potential. 



Dictionary Attacks

The only difference with a bruteforce attack and Dictionary attack is that "A Dictionary attack tries the passwords which we want it to try". Confusing?. In a dictionary attack we have the freedom to choose a huge list of words that people commonly use in their password (Depending upon the situation). The following video will help you understand more about Dictionary attacks.



Is It Possible To Crack A Facebook Account?


Coming back to the main topic of this article. A few hours back while I was watching hacking related videos on securitytube.net, I came across to a video in which the hacker claimed that one can use "Hydra To Crack A Facebook Password". However here is why a bruteforce attack won't work against a facebeook account.




Facebook and all other popular social networking websites lock an email account, after few unsuccessful login attempts. They either have introduced an "Account Lockout Feature" or they either have introduced an "Account Lockout" feature, which prevents an automated password cracking method to work. However, even if you get it working, A minimum facebook password length is about 6-characters. kindly refer to the chart and find out your success rate.

Likewise, if you have any questions, Feel free to ask.

No comments:

Post a Comment

Please Stop Spamming , Swearing And Abusing.

Recommended Post Slide Out For Blogger