This thesis analyzes the packets of SIP (the Internet telephony protocol) registration and cracks the user's password. Communication between a SIP proxy server and a SIP user is in plaintext, the same as HTML, so SIP packets are easy to intercept on the network. During signaling, SIP does not transmit the user's real authentication password; instead, what is compared is a response computed with MD5 over inputs that include parameters randomly generated by the SIP proxy server. The verification process appears secure, because the parameters are randomly generated by the SIP proxy server and what is verified is a public key: the user sends a different public key each time, and the SIP proxy server checks whether it matches. However, when the IETF designed the SIP authentication mechanism, it did not consider that once network packets are intercepted, an attacker only needs to keep comparing against the response, for example by brute force, to crack the user's authentication password. This thesis therefore implements the collection of network packets, filters out the packets related to SIP registration, and uses brute force to search for the password set by the user. The experimental results show that a password of 4 characters or fewer, whether its characters are digits only, letters only, or a mix of digits and upper- and lower-case letters, can be cracked within 5 seconds. Passwords of different lengths can also be cracked in linear time. Through these experimental results, this thesis hopes to illustrate the importance of the user password and to let users understand exactly how long cracking takes, so that they set a more secure SIP authentication password.
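The response check described above, as an added example that is not code from the thesis: it follows the RFC 2617 digest calculation that SIP registration uses, shows that the password is the only input not carried in the plaintext message, and sizes the password space for a given policy. The account, realm, nonce and function names are constructed for illustration.

```python
import hashlib
import hmac


def _md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def digest_response(username, realm, password, method, uri, nonce,
                    qop=None, nc=None, cnonce=None):
    """Digest response as computed by both the user agent and the proxy."""
    ha1 = _md5_hex(f"{username}:{realm}:{password}")  # only secret input
    ha2 = _md5_hex(f"{method}:{uri}")                 # visible on the wire
    if qop:
        return _md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")
    return _md5_hex(f"{ha1}:{nonce}:{ha2}")


def proxy_accepts(stored_password, received_response, **fields):
    """Proxy-side check: recompute from the stored password and compare."""
    expected = digest_response(password=stored_password, **fields)
    return hmac.compare_digest(expected, received_response)


def keyspace(alphabet_size, max_len):
    """Number of passwords of length 1..max_len over the alphabet."""
    return sum(alphabet_size ** k for k in range(1, max_len + 1))


def min_length(alphabet_size, target):
    """Shortest maximum length whose keyspace reaches the target size."""
    n = 1
    while keyspace(alphabet_size, n) < target:
        n += 1
    return n


# Constructed REGISTER fields (hypothetical account and server).
FIELDS = dict(username="alice", realm="example.com", method="REGISTER",
              uri="sip:example.com", nonce="3f1c9a7e5b2d4c60")

if __name__ == "__main__":
    resp = digest_response(password="S3cret", **FIELDS)
    print("response:", resp)
    print("accepted:", proxy_accepts("S3cret", resp, **FIELDS))
    for name, size in (("digits", 10), ("letters", 52), ("mixed", 62)):
        print(f"{name:8} <=4 chars: {keyspace(size, 4):>12,} candidates")
    print("mixed length for 10^15 candidates:", min_length(62, 10 ** 15))
```

Because the nonce is random but sent in the clear, it prevents replay of an old response without adding anything to the secret; the size of the password space is what the policy has to control.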