Skip to main content
This site uses cookies to provide you with a greater user experience. By using Exceed LMS, you accept our use of cookies.
Google for Education
Applied Digital Skills
ChromeOS and Google for Education Partner Training Portal
All Topics

Previous Activity

Use Concatenate Functions to Create Word Variations

Launch a Dictionary Attack on Yourself

  • By Applied Digital Skills
  • Published: Oct 4, 2022
  • Rating
    Average rating: 5.0 1 review

Transcript

In this video, you will carry out a dictionary attack on your pretend passwords.

In your Dictionary Attack spreadsheet, return to the tab with your ten fake passwords.

Select the cells in column B, and insert checkboxes.

You will use them later to note whether your fake passwords were guessed in your dictionary attack.

Now, copy the first password in your list.

Return to the 5,000 word list sheet, and open the “find and replace” tool.

Paste your password in the find field.

Then, select the options to make sure your results: are from the dictionary attack word list sheet, and match your password exactly.

Then, click “find.” If the password appears in the spreadsheet, it would have been guessed in the dictionary attack.

Return to your fake passwords list and check the box next to the first password if it was guessed in your dictionary attack.

If not, leave it blank.

Now, repeat the process for your second password.

Copy it, then use the “find and replace” tool in the word list spreadsheet to search for it.

Select the same options.

If the password appeared in the search, check the box in column B.

If not, leave it unchecked.

Now, search for your third password.

In “this” example, the word is in the spreadsheet, but it is lower-case.

It may not be an “exact” match, but the programs hackers use automatically vary words by making the first letters upper-case.

This word would have been guessed in a dictionary attack.

Continue the process until you have searched for all ten of your passwords.

How many of the passwords you created for this lesson would be guessed in a dictionary attack?

How many would be guessed if a hacker was using a list of “ten thousand” words -- or a list of thousands of popular first and last names, street names, or cities and towns?

And what if a computer program automatically added “hundreds” of possible variations to these words?

Just because a password wasn’t guessed in “this” attack does not mean it’s secure.

Now, it’s your turn: Use the “find and replace” tool to search for each password, Search in the “5,000 Most Popular Words” sheet, and match the passwords exactly, Insert checkboxes next to your passwords, And check the boxes for each password that was guessed in this pretend dictionary attack.

Instructions

  1. Use the “find and replace” tool to search for each password.
  2. Search in the "5,000 Most Popular Words" sheet, and match the passwords exactly.
  3. Insert checkboxes next to your passwords.
  4. Check the boxes for each password that was guessed in this pretend dictionary.

Next Activity

Create and Protect a Secure Password