User credentials were captured from a database during an assessment and cracked using rainbow tables. Based on the ease of compromise, which of the following algorithms was MOST likely used to store the passwords in the database?
User credentials were captured from a database during an assessment and cracked using rainbow tables. Based on the ease of compromise, which of the following algorithms was MOST likely used to store the passwords in the database?
Rainbow tables are effective against hashes that are generated by weak hashing algorithms without additional security measures like salting. MD5 is a well-known weak hashing algorithm that is vulnerable to such precomputed attacks, making it the most likely algorithm used to store the passwords in this scenario. In contrast, bcrypt, SHA-1, and PBKDF2 incorporate mechanisms that make them more resistant to these types of attacks.
A. MD5 Rainbow tables are precomputed tables that are used to quickly crack the password hash. They are particularly effective against unsalted password hashes that are created using weak hashing algorithms such as MD5, which can be cracked quickly. If the user credentials were captured from a database during an assessment and cracked using rainbow tables, it is likely that the passwords were stored in the database using the MD5 hashing algorithm. In contrast, bcrypt, SHA-1, and PBKDF2 are considered stronger algorithms that are more resistant to rainbow table attacks, as they use a technique called salting to add randomness to the password hash and make it more difficult to crack.
A, is correct.
What you think about the question 211?
A. MD5 MD5 is a hashing algorithm that is considered cryptographically broken due to its vulnerability to collision attacks. Rainbow tables pre-compute hashes for various password combinations, making it easier to crack passwords stored using MD5.
__AAA__
For me is B bcrypt. This the most used and secure
The question actually asked on what type of encryption used that was compromised. So the answer is the least secure encryption. MD5