Identification should include
brute force
dictionary attacks
rainbow tables.