https://github.com/tom-riddle09/elevate_labs-task06

Elavate Labs - Task 06
https://github.com/tom-riddle09/elevate_labs-task06

Last synced: about 2 months ago
JSON representation

Elavate Labs - Task 06

• Host: GitHub
• URL: https://github.com/tom-riddle09/elevate_labs-task06
• Owner: Tom-Riddle09
• Created: 2025-08-12T14:00:59.000Z (8 months ago)
• Default Branch: main
• Last Pushed: 2025-08-12T14:28:33.000Z (8 months ago)
• Last Synced: 2025-08-12T16:25:53.820Z (8 months ago)
• Size: 1.95 KB
• Stars: 0
• Watchers: 0
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Elavate Labs - Task 06

## Objective

To create different passwords of variying complexity & evaluate its strength.  

## Passwords Used & Scores

1. "password" : Score: 8%, Length: 8, Uppercase: 0, Lowercase: 8, Numbers: 0, Symbols: 0 

2. "Password123" : Score: 75%, Length: 11, Uppercase: 1, Lowercase: 7, Numbers: 3, Symbols: 0

3. "Password@123" : Score: 93%, Length: 12, Uppercase: 1, Lowercase: 7, Numbers: 3, Symbols: 1

4. "NigtinGAle##6534" : Score: 100%, Length: 16, Uppercase: 3, Lowercase: 7, Numbers: 4, Symbols: 2

## Best practices for creating passwords

Based on the evaluation, the identified best practices for creating passwords are as follows:  

1. Password lenght should be atlest 12+ characters.

2. Include uppercase, lowercase , numbers & sysmbols.

3. Try to avoid dictionary words, use phrases.

4. Try to reduce the number of consecutive uppercase or lowercase characters in the password.

## Common Password Attacks

1. Brute Force Attack – Trying every possible combination of characters until the correct password is found.

2. Dictionary Attack – Using a predefined list of common passwords or words to guess the password.

3. Credential Stuffing – Using leaked username–password pairs from previous breaches to access other accounts.

4. Phishing – Tricking users into revealing their passwords via fake websites, emails, or messages.

5. Keylogging – Capturing keystrokes on a compromised device to steal passwords as they are typed.

6. Rainbow Table Attack – Using precomputed hash–password pairs to quickly crack hashed passwords.

7. Man-in-the-Middle Attack – Intercepting communication between the user and system to capture login credentials.

8. Password Spraying – Trying a few common passwords across many accounts to avoid account lockouts.

## Summary 

Longer and more complex passwords (mix of uppercase, lowercase, numbers, symbols) have exponentially more possible combinations, making them harder and slower to crack with brute force or guessing attacks.