Research Article

Electronic User Authentication Key for Access to HMI/SCADA via Unsecured Internet Networks

Table 1

Methods for cracking the authentication password or username-password pair.

MethodDescription

Dictionary attack [17]The method involves using a list of words to compare with user passwords.
Brute force attack [18]The method uses algorithms that combine alphanumeric characters and symbols to come up with passwords for the attack. For example, a password with the value “password” can also be used like the word p @ $$ using a brute force attack.
Rainbow attack [19]The method uses precomputed hashes (md5), a ready-made database of hashes is generated or bought, and then it is compared with the hashes to be cracked.
Guessing [20]The method assumes guessing the most common passwords (qwerty, password, and admin). Usually used or set as default passwords. If they have not been changed or the user is careless when choosing passwords, then they can be easily compromised.
Spidering [21]The method of social engineering. Most organizations use passwords that contain company information. This information can be found on company websites and social networks, such as Facebook, Twitter, and so on. Spidering collects information from these sources to compile word lists. The wordlist is then used to carry out dictionary and brute force attacks.