
Penguin Fortress YouTube Channel

Understand Password Hacking with John the Ripper

Crack your own passwords to understand the risks

Learn how to keep your systems secure by understanding what hackers do.

The video below shows how you can combine your password and shadow files into a single file, then pass the file through John the Ripper to launch a dictionary attack against the password file.

Transcript: Understanding Password Hacking with John the Ripper - Video Transcript

The video explains the mechanisms that protect your passwords (password hashes and the importance of the shadow file). You can then use this technique to check how secure your passwords really are.

Please note that this should only be used against systems where you have appropriate permissions. Do not use this to crack passwords that you don't own.
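To show what the combined file looks like and which hash scheme protects each account, here is an added example (not code from the video or from John the Ripper). It merges constructed passwd and shadow entries and flags accounts whose stored hash format deserves review; the account names, salts and hashes are placeholders, and the function names are hypothetical.

```python
# Constructed sample data: not real accounts, salts or hashes.
PASSWD = """root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin"""
SHADOW = """root:$6$SALT$CONSTRUCTEDHASH:19000:0:99999:7:::
alice:$y$j9T$SALT$CONSTRUCTEDHASH:19000:0:99999:7:::
bob:$1$SALT$CONSTRUCTEDHASH:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::"""

# crypt(3) "$id$" prefixes -> (scheme name, needs review today)
SCHEMES = {"1": ("md5crypt", True), "5": ("sha256crypt", False),
           "6": ("sha512crypt", False), "y": ("yescrypt", False),
           "2a": ("bcrypt", False), "2b": ("bcrypt", False),
           "2y": ("bcrypt", False)}

def combine(passwd_text, shadow_text):
    """Replace the 'x' placeholder in each passwd line with the shadow hash."""
    hashes = {}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2:
            hashes[fields[0]] = fields[1]
    merged = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) != 7:
            continue  # skip malformed passwd lines
        if fields[1] == "x" and fields[0] in hashes:
            fields[1] = hashes[fields[0]]
        merged.append(":".join(fields))
    return merged

def classify(pw_field):
    """Return (scheme, needs_review) for the password field of a combined line."""
    if pw_field == "":
        return ("empty", True)        # account needs no password
    if pw_field[0] in "*!":
        return ("locked", False)      # password login is disabled
    if pw_field.startswith("$"):
        return SCHEMES.get(pw_field.split("$")[1], ("unknown", True))
    return ("descrypt-or-unknown", True)  # no $id$ prefix: legacy format

def audit(merged):
    """Map each username to the (scheme, needs_review) of its stored hash."""
    return {l.split(":")[0]: classify(l.split(":")[1]) for l in merged}

if __name__ == "__main__":
    for user, (scheme, review) in audit(combine(PASSWD, SHADOW)).items():
        print(f"{user:8} {scheme:12} {'REVIEW' if review else 'ok'}")
```

Because the combined file carries every hash in one place, it needs the same restrictive permissions as the shadow file itself and should be deleted once the check is done.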

For more details about how username and password security work on Linux systems, see the following guides:

Linux passwd & shadow files
Stupid Password Rules