Threat actors perform various password attacks against the authentication system of a device.
The intent is to retrieve a valid user credential to gain unauthorized access.
Password guessing may word but it's very time consuming.
In a brute force attack, every possible of combination is tried against the system.
This is a very time consuming process as every possible combination is used until the password is retrieved.
In a dictionary attack, a large wordlist is used to check against the target system.
Each word from the wordlist is tested, however the attack will not be successful if the password does not exist within the wordlist.
A rainbow table is a very large table which contains pre-computed hashes of passwords for a target system.
The pre-computed hashes helps hackers to reduce the time to retrieve the password of a system.
A single rainbow table can be the size of an entire hard drive.
This is a techniques of using a single password and trying against multiple user accounts.
This technique allows a hacker to determine a single password is commonly used between multiple users on a network.