Bruteforce attack

If you have completed a dictionary attack, but the password still has not been recovered, you have to follow-up with a brute-force attack. In this attack, the program tries to guess your password by trying every single combination of characters until your password is found. For example, the program might follow a sequence like this:

 aaaaaaaa

 aaaaaaab

 aaaaaaac

 ...

until the password is found. Obviously, this method will take time: for an eight-character alphabetic password there are 200 Billion combinations to be checked. But with modern computers this sort of attack doesn't take as long as you might think.

The brute force attack is the slowest method of password attack, but can often be successful on short and simple passwords.

Select the full path to your PWL file, as well as login name. The other options follow:

Character set

Instructs the program what characters have been used in the password. You can choose from all capital letters, all capital OEM letters (according to current code page), all digits, all special symbols and the space. The special characters are:

 !@#$%^&*()_+-=<>,./?[]{}~:;`'|"\

Charset string (which is being filled with the characters according to your selections) can be edited, e.g., you can add or remove any characters there. For example, if you remember that your password was entered in the bottom keyboard row ("zxcv...") - your password range should be "zxcvbnm,./" (or in caps: "ZXCVBNM<>?"). You can also define both of these: "zxcvbnm,./ZXCVBNM<>?".

Start from and End at

When you start the brute-force attack from scratch, these fields should be either empty, or selected according to the desired minimum and maximum password length. It is NOT recommended that you edit these fields manually: instead, use the >  buttons to select the length, and they will be filled automatically.  This minimizes the chances that some combinations could be skipped.

CPU type

Select from Intel PII/PIII/Celeron and AMD Athlon, depending on your processor. If you are not sure or your processor is not in the list, you can try both, and stay with the option that gives you better performance.

When all the options have been selected (there are also a few others, see Attacks options), press the Start button to run the attack. When/if the proper password is found, PSPR will decrypt the PWL file and show all information extracted from it. During the attack, current password and recovery speed is shown.