Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331”


ror

Ars Centurion
315
"That means we have 13,000 humans who did not choose a good password."

How is Qbesancon321 not a "good" password? It could be strengthened by using a symbol, but sooner or later, Qbe$@ncon321 won't be a good password either. (For all I know, that's already the case).

Seems like not reusing the same password is more important than strength. Even if I have a password that I believe to be "strong", it's still in my best interests to change my password once its hash has been released.
 
Upvote
13 (23 / -10)

ringlord

Smack-Fu Master, in training
53
ror said:
"That means we have 13,000 humans who did not choose a good password."

How is Qbesancon321 not a "good" password? It could be strengthened by using a symbol, but sooner or later, Qbe$@ncon321 won't be a good password either. (For all I know, that's already the case).

Seems like not reusing the same password is more important than strength. Even if I have a password that I believe to be "strong", it's still in my best interests to change my password once its hash has been released.

Capital at the beginning, digits at the end, all lowercase in the middle. It's a poor password because it's using a common pattern. That was the point of the article.

Everyone needs to use truly random passwords and, thus, a password manager.

Edit: and, no, doing that common symbol substitution makes it no stronger. Again, a common pattern.
 
Upvote
47 (49 / -2)

Eldorito

Ars Tribunus Angusticlavius
8,016
ror said:
"That means we have 13,000 humans who did not choose a good password."

How is Qbesancon321 not a "good" password? It could be strengthened by using a symbol, but sooner or later, Qbe$@ncon321 won't be a good password either. (For all I know, that's already the case).

Seems like not reusing the same password is more important than strength. Even if I have a password that I believe to be "strong", it's still in my best interests to change my password once its hash has been released.

The important thing is making it actually random. Besancon is a city, so it'll fall into a dictionary list. Testing the dictionary list matched with other common things (such as adding a letter on front and a bunch of numbers on the end) isn't that hard to do. As mentioned, when you can test billions of passwords, the key thing to do is just look at what people commonly do.

The article also goes through the same symbol replacement you used there, that's not really adding much complexity to your dictionary (they'll just run through the dictionary again and replace the characters with those commonly used 'tricks', 3 for e, 5 or $ for s). What you should do is add a symbol in there randomly to get the best out of it.
 
Upvote
13 (13 / 0)
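The shape Eldorito describes (dictionary word, capital in front, digits behind, the usual symbol swaps) is exactly what a registration-time strength check should reject before the hash ever reaches a database. The following is an added example, not code from the thread or the article; the mini-wordlist is constructed and the substitution table is this example's own:

```python
import re
from typing import List, Set

# Constructed mini-wordlist for the demo; a real check loads a large dictionary
# plus leaked-password lists. "besancon" is here because the thread names it as a city.
WORDLIST: Set[str] = {"besancon", "password", "monkey", "dragon", "homecoming"}

# Single-character substitutions ("3 for e, 5 or $ for s") that mangling rules undo.
LEET = str.maketrans({"@": "a", "$": "s", "5": "s", "3": "e", "0": "o",
                      "1": "i", "!": "i", "4": "a", "7": "t"})

# Optional leading capital, a core, optional trailing digits.
SHAPE = re.compile(r"^([A-Z]?)(.+?)(\d*)$")

def split_shape(password: str):
    """Return (leading_capital, core, trailing_digits) for the common shape."""
    match = SHAPE.match(password)
    if not match:
        return "", password, ""
    return match.group(1), match.group(2), match.group(3)

def weakness_reasons(password: str, wordlist: Set[str] = WORDLIST) -> List[str]:
    """List the reasons a password would fall to dictionary + rule attacks.

    An empty list means none of these checks fired, not that the password is strong.
    """
    reasons: List[str] = []
    capital, core, digits = split_shape(password)
    if capital and digits:
        reasons.append("capital-first, digits-last pattern")
    # Try the core both without and with the leading capital, so "Password1"
    # is recognised as the word "password" rather than "assword".
    for candidate in (core, capital + core):
        lowered = candidate.lower()
        deleeted = lowered.translate(LEET)
        if lowered in wordlist:
            reasons.append(f"dictionary word '{lowered}'")
            break
        if deleeted in wordlist:
            reasons.append(f"dictionary word '{deleeted}' with symbol substitution")
            break
    return reasons

if __name__ == "__main__":
    for pw in ("Qbesancon321", "Qbe$@ncon321", "Password1", "vK7#qLp2wZ9mXe"):
        print(pw, "->", weakness_reasons(pw) or ["no pattern match"])
```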

preinheimer

Smack-Fu Master, in training
93
Subscriptor++
I've been using 1Password (https://agilebits.com/onepassword) for quite a while. Drag the slider up to 50 chars, call it a day. The only thing you'll need to watch out for is systems that can't handle that much password, I've dealt with ones that silently truncate it down to 35, ones that accept it, but hand off mangled versions to related systems, etc. etc.

It syncs across your macs with dropbox. Browser integration makes sites easy.

There's an iPhone app (extra $$) but the integration isn't as tight due to the iPhone's sandbox model.


Back in my windows days I was a huge fan of PasswordSafe: http://passwordsafe.sourceforge.net/
 
Upvote
16 (18 / -2)
Yes, there is no such thing as absolute security. That's not a revelation. But very good article nonetheless. If you really want to improve security to almost impenetrable levels (with today's technology) you'll have to do what has always been recommended: completely random passwords of length determined by current and foreseeable technology, and increase the characters as the technology advances. All websites would have to implement hashing of equivalent randomness. That would probably cost everybody more than they were willing to pay. So you can only do what's reasonable and eventually you will get hacked. Even the Pharaohs were "hacked".
 
Upvote
11 (11 / 0)

selytch

Wise, Aged Ars Veteran
111
robrob said:
ror said:
"That means we have 13,000 humans who did not choose a good password."

How is Qbesancon321 not a "good" password? It could be strengthened by using a symbol, but sooner or later, Qbe$@ncon321 won't be a good password either. (For all I know, that's already the case).

Seems like not reusing the same password is more important than strength. Even if I have a password that I believe to be "strong", it's still in my best interests to change my password once its hash has been released.

The important thing is making it actually random. Besancon is a city, so it'll fall into a dictionary list. Testing the dictionary list matched with other common things (such as adding a letter on front and a bunch of numbers on the end) isn't that hard to do. As mentioned, when you can test billions of passwords, the key thing to do is just look at what people commonly do.

The article also goes through the same symbol replacement you used there, that's not really adding much complexity to your dictionary (they'll just run through the dictionary again and replace the characters with those commonly used 'tricks', 3 for e, 5 or $ for s). What you should do is add a symbol in there randomly to get the best out of it.

Two-factor authentication is the only real answer. Even if websites use bcrypt more. Otherwise the technology will catch up with any password complexity - FPGA, GPU or whatever else.
 
Upvote
15 (20 / -5)

iuqiddis

Seniorius Lurkius
1
Subscriptor
I see that the article recommended a minimum 11 character password. Yet some of the examples of the cracked passwords on page 3 are longer (13-17 characters). Granted they are not exactly random, but still greater than 11. So is there a good safe minimum number of characters that will make me mostly secure for the next few years (or a couple of years or so)? Assume I'm using 1Password or KeePass, and using alphanumeric, spaces, special. Will an 18, 20, 30 suffice?

Great series of articles by the way. Just a tremendous amount of knowledge.
 
Upvote
20 (22 / -2)

flunk

Ars Praefectus
5,707
Subscriptor
These articles are interesting but this particular test isn't very relevant. MD5 wasn't considered a secure way to hash passwords 10 years ago, let alone now. Why wasn't this done with bcrypt and salting? That's much more realistic. Giving them a list of passwords that is encrypted in a way that would be considered massively incompetent in today's IT world isn't really a useful test.

Also, I think we may all be ignoring the most important point. That being that password complexity is quickly outpacing the human ability to remember them. We're going to have to move on to something else for our computer security because the average user struggles to remember 8 digit passwords. When we implemented minimum 8 characters, with one lower, one upper and one digit requirements I got hundreds of complaint emails. Maybe my users are more ignorant and stupid than most, but I don't think so.
 
Upvote
-2 (25 / -27)

Ainamacar

Ars Scholae Palatinae
1,145
Subscriptor++
trs8 said:
Brute forcing MD5 stopped being impressive years ago.

It doesn't have to be impressive if it works. Even sites that have moved to anything better are indirectly harmed by sites with incompetent methods because the low-hanging fruit makes it easier for future attacks to become more effective: they enhance dictionaries, reveal patterns, and generally shrink the password phase space that is safe(r) for the rest of us.
 
Upvote
15 (18 / -3)

Dayvid

Ars Scholae Palatinae
1,103
ngativ said:
Can someone give a good example for a good (still human) password?

That's kind of missing the point here - if it's something a human is likely to see a pattern in, then it's the sort of thing that's likely to be checked for. As hard as it can be to remember random gibberish (*do not only use lowercase letters and/or digits*) is really the only good option here.
 
Upvote
20 (20 / 0)
Part 1:

MD5 is really insecure BUT you don't have control over what sites use.

Therefore:

Part 2:

Use a REALLY really complex password like homecoming-foxy-bear-cake-stick for a password store like lastpass.com or 1password.com and then use those tools to auto-generate passwords. Also, using LastPass, enable two-factor auth such as Google Authenticator or at worst the Excel sheet. The point is the ONE main password you need is secure. That password is not used anywhere else, period. And every site should have a unique password generated for you. And one you never have to remember, and can change on a whim.


Unfortunately that is a bit complex, but so far there are no known better solutions.
 
Upvote
24 (24 / 0)

ngativ

Well-known member
865
Dayvid said:
ngativ said:
Can someone give a good example for a good (still human) password?

That's kind of missing the point here - if it's something a human is likely to see a pattern in, then it's the sort of thing that's likely to be checked for. As hard as it can be to remember random gibberish is really the only good option here.

Well, it is almost a paradox then. There must be a way to remove the human factor (without being human-unfriendly).
 
Upvote
-2 (4 / -6)

ringlord

Smack-Fu Master, in training
53
ngativ said:
Well, it is almost a paradox then. There must be a way to remove the human factor.

To remove the human factor, use a password manager to generate a truly random, long password.

For a password that a human can remember that is still secure, use diceware.
 
Upvote
14 (14 / 0)
One thing that people haven't mentioned is that the hash table is the major point of failure for password security. Once you get access to it, it is only a matter of time before your password is lost. In order to get real security improvements, you have to change the architecture so there's no single point of failure for all of a single website's userbase.
 
Upvote
10 (11 / -1)

SCdF

Wise, Aged Ars Veteran
169
Subscriptor
So correct me if I'm wrong, but the tl;dr lessons here are:

- As a DEVELOPER, either don't design the need to store passwords yourself (i.e. use OpenID or similar) or make sure you're following recommended guidelines for storing passwords (e.g. bcrypt / scrypt / PBKDF2) and make sure you periodically check up to see if you need to migrate strategies (i.e. MD5 was once acceptable, as was SHAx)
- As a USER, use a password manager (e.g. KeePass) to make sure you can easily use large, truly random passwords that are unique for every login you have.
 
Upvote
44 (44 / 0)
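The developer lesson above (a salted, deliberately slow hash plus a plan for migrating off whatever was acceptable last decade) in working form. This is an added example, not code from the thread or any project it names: it uses Python's standard-library PBKDF2 (hashlib.pbkdf2_hmac) with a random per-user salt, stores the algorithm and iteration count inside the record so the work factor can be raised later, and upgrades a legacy unsalted-MD5 record on the user's next successful login. The record format, the 600,000-iteration figure and the legacy_md5_record helper are this example's own choices.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Policy for records written today (this example's choice; raise it over time):
# PBKDF2-HMAC-SHA256 with a 16-byte random per-user salt.
ALGO = "pbkdf2_sha256"
CURRENT_ITERATIONS = 600_000

def hash_password(password: str, iterations: int = CURRENT_ITERATIONS) -> str:
    """Return a self-describing record: algo$iterations$salt_b64$hash_b64."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join([ALGO, str(iterations),
                     base64.b64encode(salt).decode("ascii"),
                     base64.b64encode(digest).decode("ascii")])

def legacy_md5_record(password: str) -> str:
    """Constructed stand-in for what an old, unsalted-MD5 user table holds."""
    return "md5$" + hashlib.md5(password.encode("utf-8")).hexdigest()

def verify_password(password: str, stored: str) -> bool:
    """Check a password against either record format, comparing in constant time."""
    fields = stored.split("$")
    if fields[0] == "md5" and len(fields) == 2:
        actual = hashlib.md5(password.encode("utf-8")).hexdigest()
        return hmac.compare_digest(actual, fields[1])
    if fields[0] == ALGO and len(fields) == 4:
        _, iterations, salt_b64, digest_b64 = fields
        digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                     base64.b64decode(salt_b64), int(iterations))
        return hmac.compare_digest(digest, base64.b64decode(digest_b64))
    return False  # unknown or malformed record: never accept

def needs_rehash(stored: str) -> bool:
    """True when the record predates the current algorithm or work factor."""
    fields = stored.split("$")
    return fields[0] != ALGO or int(fields[1]) < CURRENT_ITERATIONS

def login(password: str, stored: str) -> Tuple[bool, Optional[str]]:
    """Verify; on success, return an upgraded record if the stored one is stale.

    The plaintext is only in hand at login, so that is the moment to migrate a
    legacy MD5 (or low-iteration) record without forcing a password reset.
    """
    if not verify_password(password, stored):
        return False, None
    return True, (hash_password(password) if needs_rehash(stored) else None)
```

The caller persists the returned record when it is not None; once every active user has logged in, any rows still starting with "md5$" can be force-reset.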

DarthShiv

Ars Scholae Palatinae
660
Moving to better web security technologies as well as decent security practices will help mitigate this sort of thing. Most of the web is still using SHA-1 aren't they? TLS 1.2 standard has been out for years and has better hashes and handshaking protocols etc that don't have all these weaknesses that people continually publish about now.

Also if you aren't using unique IVs with your password hashes in your system/database design, you are just asking for trouble.
 
Upvote
5 (5 / 0)

jdsmith575

Ars Scholae Palatinae
941
SCdF said:
- As a USER, use a password manager (e.g. KeePass) to make sure you can easily use large, truly random passwords that are unique for every login you have.
I was just about to ask if I'm the only one who uses something like Password Safe.
 
Upvote
3 (3 / 0)

ngativ

Well-known member
865
ringlord said:
ngativ said:
Well, it is almost a paradox then. There must be a way to remove the human factor.

To remove the human factor, use a password manager to generate a truly random, long password.

For a password that a human can remember that is still secure, use diceware.

What about generating a text file filled with random characters (hundreds of thousands) and then just remembering the row, column and length? Something like 450 23 12. I wouldn't bother to copy and paste (or is copy and paste already a security flaw?)
 
Upvote
1 (3 / -2)

RoninX

Ars Praefectus
3,248
Subscriptor
Articles like this make me seriously consider using a password manager. However, I wonder if there are any risks to using a password manager. Maybe it's just a remnant of my initial visceral reaction when Microsoft first suggested this approach ("Just let Microsoft have all of your passwords!").

My questions are:

1) Do the password manager sites ever go down? And if they do, does this mean you are locked out of every single account you're managing?

2) What if the password manager site itself is hacked? Has this ever happened? What safeguards exist if the password manager database is stolen?
 
Upvote
18 (19 / -1)

Bengie25

Ars Praefectus
5,505
Subscriptor
iuqiddis said:
I see that the article recommended a minimum 11 character password. Yet some of the examples of the cracked passwords on page 3 are longer (13-17 characters). Granted they are not exactly random, but still greater than 11. So is there a good safe minimum number of characters that will make me mostly secure for the next few years (or a couple of years or so)? Assume I'm using 1Password or KeePass, and using alphanumeric, spaces, special. Will an 18, 20, 30 suffice?

Great series of articles by the way. Just a tremendous amount of knowledge.

Alphanumeric, spaces, special of 30 chars would be considered physically impossible to brute-force, so your best bet would be to randomly generate values and hope one works.
 
Upvote
5 (5 / 0)

SCdF

Wise, Aged Ars Veteran
169
Subscriptor
RoninX said:
Articles like this make me seriously consider using a password manager. However, I wonder if there are any risks to using a password manager. Maybe it's just a remnant of my initial visceral reaction when Microsoft first suggested this approach ("Just let Microsoft have all of your passwords!").

My questions are:

1) Do the password manager sites ever go down? And if they do, does this mean you are locked out of every single account you're managing?

2) What if the password manager site itself is hacked? Has this ever happened? What safeguards exist if the password manager database is stolen?

I use KeePass, KeePassX and KeePassDroid on Windows, MacOSX / Linux and Android respectively. The kdb file is stored on my dropbox, and is synced between every computer I use.

The only two passwords I remember are my Dropbox password and the password of my kdb file, which are 19 and 26 characters long respectively.

So #1 is "it's local, it never goes down" and #2 is that because it's open source and local I know that all my passwords are secured under a large and difficult to brute force password. And it also sits behind my dropbox account (which you don't necessarily need to trust) which they'd theoretically need to crack as well.

If you're worried about trusting Dropbox there are several alternatives. You can sync the file manually via USB, you can use a more security-focused cloud solution such as SpiderOak or, more laboriously (but more trustworthy), Tarsnap. You could also run your own "dropbox" equivalent on your own server; there are several open source implementations in various languages.
 
Upvote
19 (19 / 0)

krimhorn

Ars Legatus Legionis
39,865
In the meantime, readers should take pains to make sure their passwords are a minimum of 11 characters, contain upper- and lower-case letters, numbers, and letters, and aren't part of a pattern.
And yet far too many websites prevent those of us who already do use password managers from using the best possible passwords. 8-12 character limits (gotta love those sites that don't tell you the max and truncate your input silently :rolleyes: ), no special characters, etc. Love 'em.


Yes, that's sarcasm
 
Upvote
23 (23 / 0)

dlux

Ars Legatus Legionis
25,514
Please send this article to every financial and online commerce site and tell them that their artificial password limitations are a liability.

Then forward it to a bunch of hungry lawyers and tell them to monitor those sites to see if anything gets changed.

I'm getting sick of reading about large-scale password cracks and no one paying the penalty for their incompetence.
 
Upvote
35 (35 / 0)

topham

Ars Legatus Legionis
13,756
Subscriptor
The xkcd example is poor, the stated level of entropy is "ideal" not "real". If I have a 100,000 word dictionary then each word represents about 10 bits of entropy, however people do not pick random words, they pick words they know and the average person uses about 1/5th of a dictionary.

If you had a dictionary with only 20000 words in it, would all the words you chose be in the dictionary? If the answer is yes then your entropy calculation is against the smaller dictionary.

Phrases and random words are NOT the answer to good passwords.
 
Upvote
7 (18 / -11)
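ringlord's diceware suggestion and topham's objection are the same calculation seen from two sides: a passphrase's entropy is the number of words times log2 of the list the picker actually draws from, so it only reaches the "ideal" figure when the words are chosen uniformly (dice, or a CSPRNG) from the full list. An added example, not from the thread or the xkcd strip, carrying that arithmetic through for a 100,000-word dictionary, a 20,000-word slice of it, and the 7776-word Diceware list; the sample word list is constructed and far too small to use for real.

```python
import math
import secrets
from typing import List

# Constructed stand-in for a Diceware list. The real list has 6**5 = 7776 words,
# one per roll of five dice; these few words only let generate_passphrase() run.
DICEWARE_SIZE = 6 ** 5
SAMPLE_WORDS: List[str] = ["homecoming", "foxy", "bear", "cake", "stick",
                           "river", "dragon", "monkey"]

def bits_per_word(dictionary_size: int) -> float:
    """Entropy of one uniformly random pick from a list of the given size."""
    return math.log2(dictionary_size)

def passphrase_entropy(n_words: int, dictionary_size: int) -> float:
    """Ideal entropy: every word drawn uniformly and independently."""
    return n_words * bits_per_word(dictionary_size)

def words_needed(target_bits: float, dictionary_size: int) -> int:
    """Fewest words from a list of that size to reach the target entropy."""
    return math.ceil(target_bits / bits_per_word(dictionary_size))

def guess_ratio(n_words: int, assumed_size: int, effective_size: int) -> float:
    """How many times fewer guesses are needed when the words really come from
    the smaller vocabulary a person uses rather than the full dictionary."""
    return (assumed_size / effective_size) ** n_words

def generate_passphrase(n_words: int, wordlist: List[str] = SAMPLE_WORDS) -> str:
    """Draw words with a CSPRNG; the ideal figure only holds when the picker,
    not the person, chooses, which is the whole point of rolling dice."""
    return "-".join(secrets.choice(wordlist) for _ in range(n_words))

if __name__ == "__main__":
    for size in (100_000, 20_000, DICEWARE_SIZE):
        print(f"{size:>7}-word list: {bits_per_word(size):.1f} bits/word, "
              f"{words_needed(80, size)} words for 80 bits")
    print("4 words, 100k assumed but 20k actually used:",
          guess_ratio(4, 100_000, 20_000), "x fewer guesses")
    print("sample phrase:", generate_passphrase(5))
```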