To meet the criteria for the Cyber Essentials scheme, FBC Manby Bowdler had to demonstrate it had measures in place to protect its systems from issues such as hacking, phishing and password guessing
 studied the threat posed by user password reuse behavior and proposed a cross-site password guessing
Thus, an attacker who compromises a file of hashed passwords will not be able to obtain the plaintext passwords without performing a password guessing
attack, whereby the attacker chooses and hashes a candidate password, and compares the result to each of the hashes contained in the password file.
However, this also makes the scheme vulnerable to offline password guessing
attack, especially when the verification table is disclosed.
The proposed method is used for resisting the off-line password guessing
When keys are used, password guessing
is rendered useless; to login, valid users must present their cryptographic key instead of a password to gain access to the server.
Although it was resistant to eavesdropping and impersonation attack but was vulnerable to replay attacks, offline password guessing
attacks and password related problems.
FlowTraq uses advanced algorithms to detect DDoS attacks and many other undesirable network behaviors such as scanning, brute force password guessing
, worm propagation, and data exfiltration.
The online "assaults" are expected to be in the form of "Distributed Denial-of-Service" (DDoS) attacks, suspicious websites, compromising information systems, password guessing
or requests, and Phishing.
Vulnerable to Smart Card Lost Attack and Password Guessing
They also pointed out password guessing
attack, insider attack, and MS-node impersonation attack on it.
Elkins involves audience members to operate the plant while he demonstrates network and internet reconnaissance, password guessing
attacks, man-in-the-middle attacks, and buffer overflow attacks in the model industrial control system environment.