Passwords From PHPBB Attack Analyzed
Robert David Graham writes "The hacker who broke into phpbb.com posted the passwords online. I was sent the password list, so I ran it through my analysis tools and posted the results. Nothing terribly surprising here; 123456 and password are the most popular passwords as you would expect. I tried to be a bit more creative in my analysis, though, to get into the psychology of why people choose the passwords they do. '14% of passwords were patterns on the keyboard, like "1234" or "qwerty" or "asdf." There are a lot of different patterns people choose, like "1qaz2wsx" or "1q2w3e." I spent a while googling "159357" trying to figure out how to categorize it, then realized it was a pattern on the numeric keypad. I suppose whereas "1234" is popular among right-hand people, "159357" will be popular among lefties.'"
Re:159357 popular with lefties? (Score:5, Informative)
As in: left hand on the mouse, right hand free to type something?
Re:Left and right reversed? (Score:4, Informative)
Re:Passwords are the Problem (Score:4, Informative)
Re:159357 popular with lefties? (Score:3, Informative)
I never use the mouse on the left and switching the button layout seems like an awkward hassle.
Maybe I'm not used to it because I tend to use public computers where admins would disapprove of re-arranging.
I'm just so used to the regular right-handed mouse and don't know any lefties who aren't.
Re:The horrible problem (Score:3, Informative)
Re:The horrible problem (Score:5, Informative)
If you're going to rant about encryption then get modded +5, try to be factually correct so you don't mislead people.
CRC32 is a checksum algorithm.
Integrity algorithm - This doesn't mean anything!
MD5 and SHA1 are both hash algorithms.
MD5 is weak because it's not collision resistant.
SHA256 and up are recommended.
For passwords simply appending the salt is sufficient. Hashes are not reversible. They can't be "undone mathematically".
There is a related issue called an extension attack, where data can be added without knowing the original hash value. For that you need an HMAC which is the correct way to incorporate ("mix and blend") a secret key with data.
Avoid adding rounds to weak hashes. Pick a larger hash. A 512-bit hash has 1.3 × 10^154 possible outputs!
Do not reinvent the hash.
Do not reinvent the HMAC.
Learn the proper application of both.
Re:Are they the problem? (Score:4, Informative)
Exactly.
OpenID [openid.net] is supposed to help with that. It seems to be slowly gaining support but is still not nearly pervasive enough. It has the advantage of supporting much stronger multi-factor based authentication if you want it (smartcards, etc) and its decentralized nature means you're not putting all your eggs in one basket like most other single sign on solutions.
Re:159357 popular with lefties? (Score:2, Informative)
IE has problems if you add a port number to the address, so google.com:80 doesn't work, but is fine after you add the protocol. That's the only situation I remember that fails.
Re:The horrible problem (Score:2, Informative)
Did you even read the parent? The passwords were hashed with MD5. No cleartext you nitwit.
MD5 is weak and the attacker(s) got the passwords by reversing the MD5 hash. Or at least obtained passwords with the same hash (i.e. collisions in the MD5 space).
Re:Group passwords and write 'em down (Score:1, Informative)
In the case of phpbb, they got the unsalted MD5 hashes out of a MySQL DB after gaining access to the server through a PHPList exploit. It sounds like he ran some rainbow tables and brute forcing to determine the passwords. He got something like 26K out of 200-400K reversed.
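The effect of a per-user salt on the unsalted MD5 storage discussed in the comments above, shown as an added example (not code from phpBB or from any commenter). The account names and passwords are constructed sample data, and every function name is hypothetical.

```python
import hashlib
import hmac
import os

# Constructed sample data: weak passwords quoted in the story summary.
COMMON = ["123456", "password", "qwerty", "1qaz2wsx", "159357"]
# Constructed accounts (hypothetical names); alice and carol share a password.
USERS = {"alice": "123456", "bob": "qwerty", "carol": "123456",
         "dave": "Xq7#vT2p!mR9"}


def md5_hex(pw):
    return hashlib.md5(pw.encode()).hexdigest()


def salted_record(pw, salt=None):
    """Return (salt, SHA-256(password || salt)) with a random per-user salt."""
    salt = os.urandom(16) if salt is None else salt
    return salt, hashlib.sha256(pw.encode() + salt).digest()


def verify(pw, salt, digest):
    # Recompute with the stored salt and compare in constant time.
    return hmac.compare_digest(salted_record(pw, salt)[1], digest)


def exposed_to_table(stored, table):
    """Accounts whose stored value appears in a table built without salts."""
    return sorted(user for user, value in stored.items() if value in table)


def shared_values(stored):
    """Groups of accounts whose stored values are byte-identical."""
    groups = {}
    for user, value in stored.items():
        groups.setdefault(value, []).append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


# Unsalted MD5: one table, computed once, matches every account that uses
# a listed password, and equal passwords are visible as equal hashes.
unsalted = {u: md5_hex(p) for u, p in USERS.items()}
md5_table = {md5_hex(w) for w in COMMON}

# Salted SHA-256: a table built without the salts matches no account.
records = {u: salted_record(p) for u, p in USERS.items()}
salted = {u: digest for u, (salt, digest) in records.items()}
sha_table = {hashlib.sha256(w.encode()).digest() for w in COMMON}

if __name__ == "__main__":
    print("unsalted exposed:", exposed_to_table(unsalted, md5_table))
    print("unsalted shared: ", shared_values(unsalted))
    print("salted exposed:  ", exposed_to_table(salted, sha_table))
    print("salted shared:   ", shared_values(salted))
```

A salt only removes the precomputation and the shared-hash leak; a fast hash still allows quick per-account guessing, so production password storage uses a deliberately slow KDF such as `hashlib.scrypt` or `hashlib.pbkdf2_hmac`.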