Final answer:
Pre-computation attacks on passwords involve attackers creating rainbow tables to crack passwords, they don't require physical access, and they're not limited to complex passwords. They are a type of cryptographic attack that does not predict future passwords.
Step-by-step explanation:
Pre-computation attacks on passwords are a type of cryptographic attack where hackers try to breach security by preparing in advance. One of the misconceptions about pre-computation attacks is that they predict future passwords (A), which is not their main attribute. Instead, these attacks entail the creation of tables, often referred to as rainbow tables (C), containing a massive number of potential password hashes. The goal is to reverse-engineer password hashes to figure out the corresponding plaintext passwords.
Characteristics of pre-computation attacks often include:
Attackers precompute tables of potential password hashes (C), which is a proactive approach compared to on-the-fly computations during an attack. These tables are created based on common password-guessing patterns, such as dictionary words or widely used passwords.
They do not necessarily require physical access to the user's computer (B) because the attack can be conducted remotely if the attacker gains access to the hashed password data.
The effectiveness of a pre-computation attack is not limited to strong, complex passwords (D)—it can be applied to any type of password, although simpler passwords are easier to crack with this method.
Rainbow tables and other pre-computed data cannot predict a user's future password (A), and these attacks can be effective against both weak and strong passwords though weak passwords are more susceptible. The key to mitigating such attacks is to use unique salts for password hashes, which makes pre-computed tables much less useful.