) After completing the preceding Windows or UNIX steps, you can either force users to change passwords that dont meet specific password policy require- ments, or create a new password policy. Be careful handling the results of your password cracking. You create an accountability issue because more than one person now knows the passwords. Always treat the password information of others as strictly confidential.

Passwords by the numbers One hundred twenty-eight different ASCII characters are used in typical computer passwords. (Technically, only 126 characters are used because you cant use the NULL and the carriage return characters.) A truly random eight-character password that uses 126 different characters can have 63,527,879,748,485,376 different combinations. Taking that a step further, if it were possible (and it is in Linux and UNIX) to use all 256 ASCII characters (254, without NULL and carriage return) in a password, 17,324,859,965,700,833,536 different combinations would be available. This is approximately 2.7 billion times more combinations than there are people on earth! A text file containing all the possible passwords would require millions of terabytes of storage space. Even if you include only the more realistic combination of 95 or so ASCII letters, numbers, and standard punctuation characters, such a file would still fill thousands of terabytes of storage space. Th

Thats why rainbow attacks are more effective at cracking passwords than dictionary and brute-force attacks. Given the effectiveness of rainbow password attacks, its realistic to think that eventually, anyone will be able to crack all possible password combinations, given the current technology and average lifespan. It probably wont happen; however, many thought in the 1980s that 640KB of RAM and a 10MB hard drive in a PC were all that would ever be needed! Cracking Windows passwords using rainbow tables with ophcrack You can also perform a rainbow attack by using the open source tool ophcrack (not to be confused with the retired L0phtcrack). Perform the fol- lowing steps for the Windows version:

1. Download the source file from 2. Extract and install the program by entering the following command: ophcrack-win32-installer-3.3.1.exe (or whatever the current filename is) 3. Load the program. 4. Click the Load button and select the type of test you wish to run. In this example, shown in Figure 7-4, Im connecting to a remote server called test1. This way, ophcrack will authenticate to the remote server using my locally logged-in username and run pwdump code to extract the password hashes from the servers SAM database. You can also load hashes from the local machine or from hashes extracted during a previ-