The two key types of attacks performed in Cain and Abel to crack user passwords are the dictionary attack and brute-force attack. A dictionary attack is an authentication mechanism employed in trying to determine the decryption key by searching the likely possibilities. The dictionary attack involves the use of all words in an exhaustive list referred to as a dictionary. A brute-force attack is also referred to as an exhaustive key search and it is a strategy that is used against any data that is encrypted. The brute-force attack technique involves checking all the possible keys systematically until the possible key is found. It could also involve the traversing of the whole search space in worst experiences.
Both the dictionary attack and the brute-force attack involve exhaustive search of possible passwords. The brute-force attack would enumerate all the algorithms and check each one of them until the desired result is found while the dictionary attack will involve an exhaustive search of all possible words in a list referred to as a dictionary. It is more successful in shorter passwords of at least seven characters. On the other hand, a brute-force attack could involve the recovery of longer passwords while the dictionary attack involves only shorter passwords. After using the two methods, I would come to a conclusion that the brute-force attack is more effect because of its systematic approach to password recovery. It is also flexible because it involves the recovery of both shorter and longer passwords.
The other algorithm used to store passwords is MD5 Message-Digest Algorithm. It has been applied in a wide variety of security applications. It is also used in promoting data integrity because of the highest levels of security that it has. Clercq & Grillenmeier (2006) assert that Professor Ron Rivest designed MD5 with the aim of replacing MD4 that was deemed less secure in the protection of computers and data. There have been numerous advancements by researchers. Research indicates that MD5 is not collision resistant meaning that it is not suitable for applications such as digital signatures and SSL certificates. The MD5 algorithm of storing passwords was further advanced in the years 2005, 2006, and 2007 by a group of individuals who wanted it to be more effective. It is more secure compared to MD4.
Another password recovery software is asterisk password recovery software. It is one of the key ways of recovering passwords that may have been forgotten or lost by individuals or organizations. It reveals lost passwords in dialogue boxes and web pages hence ensuring that passwords are recovered instantly. The cutting-edge password recovery engine facilitates the instant recovery of passwords using this software. It is a simpler software to set-up and use because of its simpler features. It is more effective because it supports the recovery of multilingual passwords hence enabling individuals access passwords of any kind. It is similar to Cain and Abel in the way it reveals passwords. According to Alapati, Kuhn, & Nanda (2007), passwords can be revealed in dialogue boxes and web pages. It is different from the Cain and Abel software because it uses the cutting-edge passwords recovery engine that is not used in Cain and Abel software.
Cain and Abel attack is not malware. Kleiman (2006) asserts that it is not malware because it is an ethical hacking tool that is used by testers to promote the security of a network. This is effected through the recovery of passwords that may have been lost through hacking of may have been forgotten. It is not malware because it is used to monitor the network and crack passwords at instances that it is required. It is not malware because it does not infect files that are stored in the pc but aims at protecting them. In fact, it does not replicate itself or install itself automatically hence; it cannot be categorized as malware.