top of page

Lookup Table Attack

A password-cracking method using precomputed hash values for rapid decryption.

Understanding Lookup Table Attacks

Attackers generate hash values for a wide range of possible passwords and store them in a database (lookup table). When they obtain a hashed password, they compare it to the precomputed hashes to find a match.

How Lookup Table Attacks Work

  1. Hash Precomputation – A table of common passwords and their hashes is created.

  2. Comparison with Stolen Hashes – The attacker matches leaked password hashes to precomputed values.

  3. Password Recovery – If a match is found, the original password is revealed.

Defensive Measures

  • Use Salting – A unique random value added to passwords before hashing prevents lookup table attacks.

  • Implement Strong Hashing Algorithms – Use bcrypt, PBKDF2, or Argon2 instead of MD5 or SHA-1.

  • Enforce Strong Password Policies – Require long, complex passwords.

bottom of page