The next mini series will focus on open source password attack tools. There are some pay options out there, however, most IR teams do not have a need for it and disk forensic teams use if infrequently. Despite this many labs want the capability so it makes sense to explore the open source options first before spending the money. My goal here is talk about these options to provide some insight and to open the series I thought I's talk about password psychology since the weakness link in any password algorithm is usually the person using it.