Is cracking a password illegal?

[tudx]

Is cracking a password illegal?

 

[Kosher Dill]

If you want to know what's legal wherever you are, consult a lawyer licensed to practice in your jurisdiction.

As a non-lawyer, a bit of friendly advice: whatever you are planning to do is obviously illegal and you should stop.

 

[Aidan]

Y'know there's a thread for one-off questions like this?

 

[I am vomit]

You're going to both prison and hell just for asking.

 

[Bongocat]

I have actually had to crack some client's passwords to get around a stupid problem our system was having. Thank god for theywillneverguessmypassword1995

 

[tudx]

to do is obviously illegal and you should stop.

it just crossed my mind when I was watching Mr. Robot

 

[tudx]

Y'know there's a thread for one-off questions like this?

not until now my friend

 

[Knight of the Rope]

As a non-lawyer, a bit of friendly advice: whatever you are planning to do is obviously illegal and you should stop film and document the entire thing from start to finish and make a thread here that will entertain us all.

Fixed.

 

[Kiwi On The Go]

Did you know that Kiwifarms actually has a prevention system set up to help protect peoples' passwords?
If you try to post your own password, it will be automatically censored. For example, my password is *************. Try it!

 

[Crunchy Oats]

Did you know that Kiwifarms actually has a prevention system set up to help protect peoples' passwords?
If you try to post your own password, it will be automatically censored. For example, my password is *************. Try it!

niggerniggerniggerniggerblackniggers

EDIT: hey that didn't work

 

[MAPK phosphatase]

The DMCA makes it illegal to break any electronics locks.

Penetration testers seem to get away with hacking, which can often include cracking passwords, but they get permission from the owners of the place they're breaking into.

 

[z0mb0]

I think just the attempt is illegal. there's a gray area on exploits that can get you thousands of account info though. depends how you do it i guess.

 

[Least Concern]

niggerniggerniggerniggerblackniggers

EDIT: hey that didn't work

You still see your own password. It only gets censored for other people. Here's what your post looks like to us.



To address the OP: Cracking a password in itself is not generally illegal, but if you're doing it in order to access a computer or network without authorization, that's a crime pretty much anywhere.

 

[awoo]

I have actually had to crack some client's passwords to get around a stupid problem our system was having. Thank god for theywillneverguessmypassword1995

I sold a damaged laptop for parts to a computer repair guy and apparently I had set a bootlock password long ago. Idk how he figured it out but I think it was like 1111 or 1234 or something.

 

[libRT]

Offline - not illegal. Though taking hashes that don't belong to you is. also illegal to use the cracked password on an account that doesn't belong to you.
Online - legal if you own the host, illegal if you don't

There are caveats that change the legality, like if you own a website hosted by a third party (webhost or cloud), it's probably in the service agreement that online brute-forcing not allowed without express permission.
Even if you have permission from the owner, in some jurisdictions there are still clauses for recklessness and/or being shitty. (e.g a friend asks you to test their website, loading it up with bitcoin miners is not legal)

Depends where you are but that's the general rule of thumb.

I sold a damaged laptop for parts to a computer repair guy and apparently I had set a bootlock password long ago. Idk how he figured it out but I think it was like 1111 or 1234 or something.

I think if you pull out the CMOS battery and wait 30 seconds, it will reset the BIOS

 

[Bongocat]

Offline - not illegal. Though taking hashes that don't belong to you is. also illegal to use the cracked password on an account that doesn't belong to you.
Online - legal if you own the host, illegal if you don't

There are caveats that change the legality, like if you own a website hosted by a third party (webhost or cloud), it's probably in the service agreement that online brute-forcing not allowed without express permission.
Even if you have permission from the owner, in some jurisdictions there are still clauses for recklessness and/or being shitty. (e.g a friend asks you to test their website, loading it up with bitcoin miners is not legal)

Depends where you are but that's the general rule of thumb.


I think if you pull out the CMOS battery and wait 30 seconds, it will reset the BIOS

I anal, but I think the general rule is you're doing it with the intent to access a computer or account you're not supposed to have access to.

 

[libRT]

I anal, but I think the general rule is you're doing it with the intent to access a computer or account you're not supposed to have access to.

I anal too, but in the UK if they can't prove intent they can still prosecute under the data protection act (or something similar) rather than the computer misuse act IIRC.

 

[seri0us]

I anal, but I think the general rule is you're doing it with the intent to access a computer or account you're not supposed to have access to.

I anal too, but in the UK if they can't prove intent they can still prosecute under the data protection act (or something similar) rather than the computer misuse act IIRC.

I anal, you anal, we anal.

 

[AmpleApricots]

UK laws are really hard to compare to the rest of the world, those people are living in some 1984 shit

 

[Anal Eclipse]

I do crackmes with Ghidra and that isn't illegal.