What is a Password Replay Attack?
A replay attack involves intercepting data packets and replaying the recorded series afterwards. In simpler terms, the captured packets are sent to the endpoint server again without any apparent changes.
In this kind of attack, a malicious party repeats a recorded authentication session in order to deceive a computer, so that access to the system is granted without any difficulty. The technique is mostly used to obtain authentication through illegitimate means. In a narrower sense, however, a replay attack is just a plain retransmission of data within a network.
A replay attack has characteristics similar to those of man-in-the-middle attacks. In more detail, an agent is inserted into the line of communication between the client and the server.
Once a replay attack is under way, the data being transmitted is recorded. This is done to permit future alteration of the data, and the data is kept for carrying out malicious activities later.
A replay attack may be used to spy on users who have logged into a banking website and initiated transactions that were supposed to be confidential. Everything a user did during the entire process may be recorded and replayed in the future. The attackers can then take advantage of all the collected data to steal money from a bank account.
There are various methods for defending against replay attacks, including timestamps, encryption, packet sequences, and serial numbers. These are considered very effective in helping a system identify which pieces of data are being repeated from a previous session.
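The following added example (not part of the original article) shows how a server can combine two of the listed defenses, timestamps and packet sequence numbers, to recognize a repeated message. It assumes a pre-shared key and uses an HMAC for integrity in place of encryption; the names seal, ReplayGuard, MAX_SKEW and the message layout are hypothetical.

```python
import hashlib
import hmac
import struct

MAX_SKEW = 30  # seconds; assumed freshness window

def seal(key: bytes, seq: int, ts: int, payload: bytes) -> bytes:
    """Client side: prefix sequence number and timestamp, append HMAC-SHA256."""
    header = struct.pack(">QQ", seq, ts)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

class ReplayGuard:
    """Server side: accept each authenticated message at most once per session."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def check(self, message: bytes, now: int) -> str:
        if len(message) < 16 + 32:
            return "malformed"
        body, tag = message[:-32], message[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-mac"  # header or payload was altered
        seq, ts = struct.unpack(">QQ", body[:16])
        if abs(now - ts) > MAX_SKEW:
            return "stale"  # recorded earlier and delivered late
        if seq <= self.last_seq:
            return "replayed"  # sequence number already used
        self.last_seq = seq
        return "accepted"

def demo() -> list:
    key = b"constructed-demo-key"  # constructed sample key
    guard = ReplayGuard(key)
    t0 = 1_700_000_000  # constructed sample clock value
    first = seal(key, 1, t0, b"transfer 10 to account A")
    results = [guard.check(first, t0 + 1)]         # original delivery
    results.append(guard.check(first, t0 + 2))     # identical copy moments later
    results.append(guard.check(seal(key, 2, t0 + 3, b"balance"), t0 + 3))
    fresh = ReplayGuard(key)                       # sequence state lost, e.g. restart
    results.append(fresh.check(first, t0 + 600))   # timestamp still catches the copy
    forged = first[:8] + struct.pack(">Q", t0 + 600) + first[16:]
    results.append(fresh.check(forged, t0 + 600))  # rewritten timestamp breaks the MAC
    return results

if __name__ == "__main__":
    print(demo())
```

The sequence counter catches a copy sent inside the freshness window, the timestamp catches one sent after the counter state is gone, and the MAC keeps either field from being rewritten to get past the other checks.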