[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] How Charles Dickens helped crack your LinkedIn password
From: InfoSec News <alerts () infosecnews ! org>
Date: 2012-06-11 8:29:36
Message-ID: alpine.DEB.2.02.1206110329220.4993 () infosecnews ! org
[Download RAW message or body]
https://www.computerworld.com/s/article/9227894/How_Charles_Dickens_helped_crack_your_LinkedIn_password
By Jeremy Kirk
IDG News Service
June 8, 2012
Kevin Young, a computer security expert who studies passwords, is nearly
at a loss for words. Literally.
Young and his colleagues are working to decode some 2.6 million
scrambled LinkedIn passwords, part of a total of 6.1 million released
earlier this week on a Russian password cracking forum. Young studies
how people pick passwords and how resistant they are to cracking.
The data that was released were password hashes, or cryptographic
representations of passwords churned through an algorithm called SHA-1.
For example, if a person's password is "Rover" the SHA-1 hash would be
"ac54ed2d6c6c938bb66c63c5d0282e9332eed72c."
Converting those hashes into their original passwords is possible using
decoding tools and powerful graphics processors. But the longer and more
complicated the password -- using sprinklings of capital letters,
numbers and symbols -- the longer and harder it is to crack.
What's interesting about the LinkedIn hashes is the trouble experts are
having at converting the hashes to their original password. Of the 6.1
million hashes, some 3.5 million appeared to have already been cracked
since those hashes have "00000" at the beginning.
[...]
--
Certified Ethical Hacker, ISSMP, ISSAP, CISSP training
with Expanding Security gives the best training and support.
Get a free live class invite weekly. Best programs, best prices.
http://www.ExpandingSecurity.com/PainPill
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic