With the rapid development of internet technologies, social networks, and other related areas, user authentication becomes more and more important to protect the data of users. Password authentication is one of the widely used methods to achieve authentication for legal users and defense against intruders. There have been many password-cracking methods developed during the past years, and people have been designing countermeasures against password cracking all the time. However, we find that the survey work on password cracking research has not been done very much. This paper is mainly to give a brief review of the password cracking methods, import technologies of password cracking, and the countermeasures against password cracking that are usually designed at two stages including the password design stage (e.g. user education, dynamic password, use of tokens, computer generations) and after the design (e.g. reactive password checking, proactive password checking, password encryption, access control). The main objective of this work is to offer the abecedarian IT security professionals and the common audiences some knowledge about computer security and password cracking and promote the development of this area. Keywords- Computer security; User authentication; Password cracking; Cryptanalysis; Countermeasures

翻译：随着互联网技术、社交网络及相关领域的快速发展，用户认证在保护用户数据方面变得日益重要。口令认证是实现合法用户认证及抵御入侵者广泛使用的方法之一。过去数年间已开发出多种口令破解方法，而针对口令破解的防御措施设计也从未间断。然而，我们发现当前对口令破解研究的综述工作尚不充分。本文旨在简要回顾口令破解方法、关键实现技术，以及通常在两个阶段设计的防御措施：口令设计阶段（如用户教育、动态口令、令牌使用、计算机生成口令）和设计后阶段（如反应式口令检查、主动式口令检查、口令加密、访问控制）。本研究主要目标是为初入IT安全领域的专业人员及普通读者提供计算机安全与口令破解方面的基础知识，并推动该领域的发展。关键词-计算机安全；用户认证；口令破解；密码分析；防御措施