An important technique to mitigate password dictionary attacks is to ___________.

Question

BlackTom AI · Accepted Answer

Let’s break down each option in the context of defending against password dictionary attacks. 
Option a: 'use a carefully designed fast password hash function' — This is not ideal. Fast hash functions (like MD5, SHA-1, or plain bcrypt without work factor) allow an attacker to test many guesses per second, increasing the risk of successful dictionary or brute-force attacks. The purpose of hashing is to store passwords securely, but speed is the adversary’s ally in large-scale guessing; thus, a fast hash without additional protections is counterproductive.
Option b: 'none of the above' — This would be true only if all other statements were wrong. However, there is a well-established defense strategy against dictionary attacks, so this option generally misstates the landscape. It’s not the best choice given the standard practice in password security.
Option c: 'use a carefully designed slow password hash function' — This is the correct approach. Slow hash functions (such as bcrypt, scrypt, or Argon2) introduce computational cost and/or memory-hardness, making each guess expensive. That slowdown dramatically reduces the feasibility of dictionary attacks because an attacker can probe far fewer guesses in a given time, while legitimate authentication remains workable for users. The core concept is to impose a work factor or resource cost per password verification, thereby mitigating rapid-fire guessing.
Option d: 'avoid using password hashing' — This is incorrect and dangerous. Avoiding password hashing would expose plain-text passwords or weakly protected credentials, making breaches far more damaging. Proper hashing (with salts and a slow algorithm) is a foundational security practice, not something to avoid.
Overall, the rationale centers on the trade-off between security and practicality: introducing deliberate computational or memory costs to password verification hinders attacker throughput while preserving usability for legitimate users. The design intention behind slow password hashing is precisely to attenuate the effectiveness of dictionary attacks by increasing per-guess effort.

FIT1093_S2_2025 Week 8 MCQ: System Security - Entity Authentication & Access Control

An important technique to mitigate password dictionary attacks is to ___________.

View Explanation

Log in for full answers

Similar Questions

When designing a secure system, why is hashing preferred over encryption for storing passwords?

__________ is a technique used to help protect against attacks exposing the contents of the server where password information is stored.

The best way to store passwords is:

A hash of data can be identified with attacks, so it is customary to add to a hash to ensure that the hash value appears to be different each time it is used.

In a consumer society, many adults channel creativity into buying things

Economic stress and unpredictable times have resulted in a booming industry for self-help products

People born without creativity never can develop it

More Practical Tools for Students Powered by AI Study Helper

Homework AI Solver

Stylized AI Paper Writer

Plagiarism Checker Assistant

Citation AI Academic Writing Tool

In-Class Translation Assistant

AI Note Generator

AI Quiz Answers

Past Exam Questions from University Test Bank

Smart Practice Assistant

Adaptive Practice

Making Your Study Simpler

FIT1093_S2_2025 Week 8 MCQ: System Security - Entity Authentication & Access Control

An important technique to mitigate password dictionary attacks is to ___________.

View Explanation

Log in for full answers

Similar Questions

When designing a secure system, why is hashing preferred over encryption for storing passwords?

__________ is a technique used to help protect against attacks exposing the contents of the server where password information is stored.

The best way to store passwords is:

A hash of data can be identified with ________ attacks, so it is customary to add ________ to a hash to ensure that the hash value appears to be different each time it is used.

In a consumer society, many adults channel creativity into buying things

Economic stress and unpredictable times have resulted in a booming industry for self-help products

People born without creativity never can develop it

More Practical Tools for Students Powered by AI Study Helper

Making Your Study Simpler

A hash of data can be identified with attacks, so it is customary to add to a hash to ensure that the hash value appears to be different each time it is used.