Once criminals obtain a password list they can take as many shots as they like to break.
Sites like m publish them, and much large lists are available on the dark web at little cost.
Brute Force Crack, this is just what it sounds like: a technique to reveal those stubborn passwords that cant be unlocked by a dictionary.Their goal generally isnt to crack an individual password, but to run tests against the entire file, knocking down their targets one by one.Lets look at the two most common password-cracking techniques.Things My Lawyer Is Making Me Say.While that may sound like a lot, todays speedy desktop computers can test all of them in an hour or two.It isnt difficult to find lists of compromised passwords.If you're a frequenter of, null Byte, I bet you have at least some interest in information security.How To: Play Prison Architect on Your iPad Now Be the Warden of Your Very Own Jail wanted: Hackers for Bug Bounties News: Airline Offers Frequent Flyer Miles to Hackers News: Federal Prison Sentence Calculator News: Marissa Alexander gets 20 years for firing warning shot.The law in 1030(a 5) is vague and covers a long list of 'attacks' that 'damage' data.Furthermore, you have a hobby that if applied in certain ways, will get you arrested.For example, many people append numbers to their names or user names, which may be stored in plain text.

If some of the statistics cited above are intimidating, rest easy.
Programs are commonly used to infiltrate systems, destroy computers, and log keystrokes in order to obtain personal information about an individual.
Violations of this section are punishable by a fine and up to one year in prison, states 1030(c 2 A unless the individual has previously been convicted of a section 1030 offense, in which case the maximum punishment increases to ten years in prison.
This Web page"s a case of prosecution of someone in 1995 for having run a password cracking tool.The software simply cycles through every possible combination to identify the ones that work.The crime was committed in furtherance of and criminal act.OR, causes physical injury, oR Threatens public health or safety OR Damages systems used by or for government entity for administration of justice, national defense, or national security OR Damages affect 10 or more protected computers during 1 year.Prosecutors can use section 1030(a 5) to charge all of these different kinds of acts.1030(a 3) protects against "trespasses" by outsiders into federal government computers, even when no information is obtained during such trespasses.Cracking a password may seem like a next to impossible task, but youd be surprised how easy it can.How vulnerable are password files to brute force attacks?There are several moral systems out there; although I believe mine is better than all others (I am not a moral relativist I acknowledge the fact that some people will not agree with me on this subject).This table of password recovery speeds is truly scary.In a nutshell, protected computer covers computers used in or affecting interstate or foreign commerce and computers used by the federal government and financial institutions.Machines that can be purchased for less than 1,000 are capable of testing billions of passwords per second.Many computer hackers king bounty the legend patch rely on hacker programs to successfully achieve their goals.There are dozens of password cracking programs on the market, each with their own special recipe, but they all basically do one of two things: create variations from a dictionary of known common passwords or attempt every possible combination using a method called a brute.

Your mileage may vary with sentencing based on prior convictions or current status.
Start your search by this site which is a survey on laws about cryptography in various countries.