Ophcrack Says Your Password Is Insecure

javipas writes "An insightful article at Jeff Atwood's Coding Horror reveals the power inside Ophcrack, an Open Source program that is capable of discovering virtually any password in Windows operating systems. The article explains how passwords get stored on Windows using hash functions, and how Ophcrack can generate immense tables of words and letter combinations that are compared to the password we want to obtain. The program is available in Windows, Mac OS and Linux, but be careful: the generated tables that Ophcrack uses are really big, and you should allow up to 15 Gbytes to store these tables."

There's no way they're getting my password!

[eln]

Ha, I've got these fools beat! I don't even USE a password on my Windows box. I'd like to see you try and crack MY password!

Re:

[rmadmin]

Got it.

norad:~# echo "" | md5sum
68b329da9893e34099c7d8ad5cb9c940 -
norad:~#

Re:

[Anonymous Coward]

echo -n "" | md5
d41d8cd98f00b204e9800998ecf8427e

His password is nothing, not a newline.

Re:There's no way they're getting my password!

[eln]

norad:~#

You may be able to crack it, but you're cheating. Clearly, working at NORAD you have access to ultra top-secret military-grade cryptographic techniques not available to your average cracker.

Re:

[jafiwam]

No, "Norad" is the name of a site. Not a computer, the correct version is:

wopr:~# echo "" | md5sum
68b329da9893e34099c7d8ad5cb9c940 -
wopr:~#

Re:There's no way they're getting my password!

[AuMatar]

Given the government's computer security, I'm fairly sure NORAD *IS* available to the average hacker.

Re:There's no way they're getting my password!

[pegr]

Got it.

norad:~# echo "" | md5sum
68b329da9893e34099c7d8ad5cb9c940 -

Actually, it's:
Password:
LM Hash: AAD3B435B51404EEAAD3B435B51404EE
NT Hash: 31D6CFE0D16AE931B73C59D7E0C089C0

Windows password hashes are not MD5...

Brought to you by the "genhash" utility of the PassTheHash toolkit for Windows. (Google it, it's awesome.)

Re:There's no way they're getting my password!

[ceeam]

You laugh but Windows indeed blocks some operations when no password is assigned. So - no password sometimes may be better than crackable password.

Re:

[Tweekster]

I just disable those restrictions.

My network isnt connected to the intertubes, so why cant i have a blank password for a remote desktop connection.

Re:There's no way they're getting my password!

[vux984]

IMO There is absolutely no point in having a login password for stand-alone machines as it is TRIVIAL to bypass with something as easy as a boot CD/floppy that just resets the passwords, as long as you have physical access to the box, (or just yank out the hard drive and remount somewhere else).

IMO There is absolutely no point in having a lock on a bathroom door, as it is TRIVIAL to bypass with something as simple as a small screwdriver.

Oh wait, yet, despite that, it is remarkably effective at keeping people out while your in there.

Many locks and passwords are more symbolic than anything else. Most people respect the implied privacy requested by a lock or password. Even if they know they could circumvent it trivially, they don't do it.

Re:There's no way they're getting my password!

[StikyPad]

More importantly, just like the bathroom, you generally need physical access to the machine (short of some remote exploit, trojan, rootkit, etc., in which case your password is irrelevant anyway). It's a well known axiom that if an attacker has physical access to a machine, all bets are off.

This is news?

[Lord_Frederick]

How long have rainbow tables been around? And hasn't just about everyone stopped storing LM hashes?

Re:

[CJ145]

People that know should have, however the majority of Windows users have no clue what a LM hash is. I use the ophcrack livecd almost daily to find lost passwords. Not once on a customer computer have I found LM disabled (Windows XP systems). I have not seen any vista PC's yet so I do not know what the default is on vista.

Re:This is news?

[CastrTroy]

I remember once I tried a Linux bootable floppy that was supposed to be able to reset windows passwords, from what I recall, by just changing the value of the hash. Anyway, the drive was NTFS, and something got screwed up, and the file was unreadable. What I ended up doing was copying the same file from a computer with a similar set up (both were college issued laptops), and use the other person's username as password to log in. Anybody with enough access to the machine can get past a simple password. And unless you keep all your important data on an encrypted partition, and use encrypted swap (can you do this in windows??), then you really don't have much protection, and shouldn't assume that the data on your computer is locked down.

Re:

[TheThiefMaster]

I think it was '98 where you could just boot into dos and delete username.pwd to make it so that user "username" had no password.

Security at it's finest.

Re:

[Opportunist]

Like it mattered in 98...

Re:

[Anonymous Coward]

"And unless you keep all your important data on an encrypted partition, and use encrypted swap (can you do this in windows??)"

Yes, it's called "Bitlocker".

Re:

[CastrTroy]

Does bitlocker make your system use an encrypted swap file? I really don't think so. At some point the data read from the file will be decrypted in memory, and if that chunk of memory gets swapped out, then it's now recorded, unencrypted to some part of your hard drive. This is why encrypted swap is needed.

Re:

[cnettel]

I think it does. The reason why is simple: the swap is a somewhat special memory-mapped file. They still have to get the encryption logic tied in with the swapping logic for all other memory-mapped files (like all exes). That's one difference between Bitlocker and previous NTFS compression/encryption, where several of the more fancy I/O operations (aysnch I/O in general, efficient memory mapping) were really disabled.

Re:

[mlts]

If you need to protect the swap file, you can set Windows to zero it out cleanly on shutdown (a setting under security options if you pull up secpol.msc.)

For further protection, there is a third party utility called BestCrypt which loads a low level device driver that intercepts the read and write calls between Windows and the swap file, and encrypts it with a randomly generated key every time the machine gets booted.

IMHO, the best protection for nearly any Windows machine is whole disk encryption (BitLocke

Re:

[Kagami001]

BitLocker encrypts the entire drive. If your swap file is on that drive, it's encrypted along with everything else.
BitLocker is only available in Windows Vista Ultimate.

Unrelated to BitLocker, Vista supports encrypting the swap file with a random key generated on startup (same as the way it's done in Linux). The setting is buried inside the EFS settings in Group Policy.
I don't know if the swap file encryption setting is available in all editions of Vista or not--group policy wasn't available in XP Home Edit

Re:

[cbhacking]

And unless you keep all your important data on an encrypted partition, and use encrypted swap (can you do this in windows??), then you really don't have much protection, and shouldn't assume that the data on your computer is locked down.

That's the idea behind BitLocker. When it was discussed on here, a lot of people compared it to FileVault, PGP/GPG, and NTFS EFS (Encrypting File System). The point is, none of those can do the kind of total protection that encrypting EVERYTHING on the system volume (and any others you want protected, except you need an unencrypted boot partition) provides.

Or, to answer your question a little differently: Yes, Windows Vista can encrypt all your data and the swap (pagefile.sys in Windows). My $DEITY, what a

Re:

[maddskillz]

I read that LM is disabled by default on Vista, but don't have a computer with it on to check it out on. It's about time!

Re:

[mlts]

Vista and Windows 2008 Server (the beta that is) both don't store LM hashes by default. You can turn it on by running secpol.msc, if you have older machines that need that.

So...

[InvisblePinkUnicorn]

So basically, if I want to find out the passwords on someone else's computer, I have to bring along a high capacity DVD's-worth of data as well? I might as well just pretend I'm their tech support and ask for the password.

Back in the day, getting Windows passwords was as easy as opening a program from a floppy. That's how I got an A in Spanish class when the teacher challenged us to guess what his screensaver password was (the prize was an A for the year - dumb teacher).

Re:So...

[jayhawk88]

The point is that it can get the password in under 5 minutes. You could bring along something like L0pht, and then wait 2 weeks while it brute forces it.

Re:

[Poromenos1]

LC has supported Rainbow Tables since version 5 IIRC. Also, how would salts work on this? If you stored EVERY md5 hash (which is what rainbow tables do), then you've stored the salt as well. You'll just get "saltpassword" as the retrieved password, won't you?

Re:

[prockcore]

If you stored EVERY md5 hash (which is what rainbow tables do)

That is certainly not what rainbow tables do. md5 is 128 bit. So to store every md5 hash would require 2^128 (3.4 × 10^38) * average_password_length bytes.

Re:

[Poromenos1]

Okay, every md5 hash whose original input was under 7 characters and in the alpha-numeric-space-special range. But, I guess I answered my own question, it adds 5ish characters to the password so a 7 character password becomes 12 chars, and thus not breakable (unless it's an LM hash, which is retarded anyway).

Re:

[ajs]

Of course, on real systems you use a decent hashing algorithm that can handle a much larger space.

If you're interested in generating random, but secure passwords, I recommend my mkpasswd [ajs.com] program, which can securely generate random passwords, or generate very insecure passwords, and the entire spectrum in-between. It uses a regular-expression-like syntax for describing a possible password, and then generates random passwords that fit the pattern. For example, you can tell it that you want 10 completely rando

Re:So...

[Anonymous Coward]

Back in the day, getting Windows passwords was as easy as opening a program from a floppy. That's how I got an A in Spanish class when the teacher challenged us to guess what his screensaver password was

But then, you didn't really guess his screensaver password. So no prize should have been given to you.

(the prize was an A for the year - dumb teacher).

Pretty dumb to give away grades, I agree. But, then, no one expects the Spanish algorithm!

Total non-story

[Sycraft-fu]

It's just another rainbow tables program. Yay. It may be better written than some (I don't know I haven't tried it) but it isn't anything new. There are plenty of rainbow table generators out there. The only problem you discover is that they take a shitload of space to get useful results. Also, if you are dealing with LM hashes, as this program is, there's no need. A Core 2 Duo can easily break pretty much any LM password in 24 hours or less.

However it also isn't that useful since as of Windows Vista, Windo

Re:

[mh1997]

So basically, if I want to find out the passwords on someone else's computer, I have to bring along a high capacity DVD's-worth of data as well?

If you want all my passwords (at work), just look at the cardboard backing attached to the paper calendar under my keyboard. If the IT department wanted me to have a very secure, impossible to guess password, then they would not require me to have different passwords on different company sites (payroll, timecard, network, email, etc), force me to change my passwor

Windows is insecure by design

[Anonymous Coward]

if i have physical access to the machine and have a bootable CD i have no need to crack any passwords
i can just reset the password and carry on, i have a customer whos 9yo girl showed me how she "cracks" her brothers password by booting in safe mode and simply removing his password
luckliy in some ways iam glad windows is insecure, i can only imagine the hell a user (and MS) would go through when you tell them that their entire photo/music collection is toast because they forgot their 21 random character hard to remember password

dont blame the user blame the whole crappy password concept

Re:Windows is insecure by design

[eln]

if i have physical access to the machine and have a bootable CD i have no need to crack any passwords
i can just reset the password and carry on,

You can do this with a Linux box as well, as well as practically any other system, so I'm not sure what your point is here.

Physical access to a box pretty much means you have root access to that box. This is why physical security is such an important part of overall system security.

Re:

[neoform]

I'd say it just highlights the need/usefulness of cryptography.

People think having a password on their box's login screen means their information is somehow 'safe'. Heavy encryption is the only way to keep your stuff safe.

Re:Windows is insecure by design

[Oktober Sunset]

either that or get grandpa to watch over your box with his 12 gauge day and night.

Re:

[Opportunist]

I think the usefulness is rather in the legitimate owner of the machine not knowing that you know his password. When his password is blown, he usually knows something's fishy.

Not to mention the fact that most people use only one or two password for pretty much every application, from their computers to online services.

This brings up a point...

[rmdyer]

Good passwords are half of the equation. If the hacker knows your user name then the hacking program only needs to solve for the entropy (cipher quality) of the password (of the hash). This is given by an equation based on the number of characters you can use in a password and the character set base. So let's say you are using a base64 character set. That gives us:

6 bits per character = (ln 64) / (ln 2)

This is because there are 64 possible ascii values per string char

Re:

[afidel]

The problem here is that Windows only allows passwords that are 15 characters (I don't immediately know the base character set windows uses without looking it up).

Wrong! Windows 2000+ based OS's and Active Directory allow for 64 character passwords using the entire Unicode character set. These tables attack the LMHash which is the legacy hash algorithm which stored the password hash into two 7 character hashes. Using a 15+ character password disables the LMHash from being stored. There is also a policy to

Re:Windows is SECURE by design.

[Gazzonyx]

If it's sitting on the desk, I open the box and short the CMOS for 3 seconds with its jumper, and then boot up and enter BIOS, which no longer has a password. I turn on USB and plug in my portable 80 gig drive which has all my tools. ;)

Also, If it's windows 98, I can blue screen the thing with a con/con from the command line and hopefully you have the thing set to reboot on BSOD.

Re:

[xappax]

The keyboard is wirelessly connected to it [...] how do you plan on hacking it?

Point a high-gain antenna at your window and wait for you to transmit all your precious passwords from your wireless keyboard to your ultra-secured box. Likely, your keyboard will transmit your every keystroke in "plaintext", however some wireless keyboards use encryption. It's a very weak key and can be bruted offline with minimal effort.

Sleep tight :)

Re:

[mlts]

On Windows servers such as domain controllers, BitLocker will be a good security feature, assuming the machine has a usable TPM chip. The machine can then boot as normal (without requiring a password at boot as with other WDE utilities), but barring someone with a physical device that can read the RAM on a machine while its on, there is no easy way to just boot from a CD and access a machine's SAM to crack the passwords. BitLocker is intended to reduce the attack profile on a local machine to just the use

Couple things

[BadAnalogyGuy]

"Passwords should never be saved as plaintext"

Tell that to /etc/passwd, bitch!

Second, if you've computed all possible hash values for all possible character combinations, then it really doesn't matter what your password is, since you only have to have the input hash to the correct hash value. Since an infinite number of character strings map to a finite number of hash values, it is only a matter of building the tables before you can hack any system.

Third, if your only defense against this type of attack is a single password, you're screwed.

Fourth, if you are worried about this sort of attack and you still live with your parents, it's probably not really too critical that you implement heavy-duty, multiple-hardened points on your Gentoo system right now. You'll have plenty of time to implement that sort of security after you finish your current bag of Cheetos.

Re:

[PPH]

Passwords should never be saved as plaintext"

Tell that to /etc/passwd, bitch!

Hmm. There are no passwords (hashes or otherwise) in my /etc/password file.

Re:

[everphilski]

before /etc/shadow, /etc/passwd held (scrambled) passwords, visible to any user on the machine.

Re:

[zeromorph]

Right, but which distribution still saves passwords in /etc/passwd? Name one, I don't know of any.

Re:

[everphilski]

None that I was aware of, but I don't think that was GP's point. He was quoting the "Passwords are never stored in plaintext. At least they shouldn't be, unless you're building the world's most insecure system using the world's most naïve programmers." from the article. Which was at one time true for Windows (? or were they referring solely to apps?) but was also at one time true for Linux.

Re:

[mav[LAG]]

but was also at one time true for Linux.

Evidence of this would be greatly appreciated. I can't remember _ever_ seeing plaintext passwords in /etc/passwd or /etc/shadow in Linux and I've been using it since 1992 or so.

Re:

[Doctor Crumb]

It appears that the manual for Unix "First Edition" (1971) makes no mention of the password being encrypted in /etc/passwd, so it may have been stored in plaintext at that time.

However, the manual for 7th edition Unix (1979) specifically states that /etc/passwd contains the encrypted passwords. So, Unix had been encrypting passwords on disk for at least 12 years before Linux existed. The GP appears to be making things up.

Refs:
http://www.cs.bell-labs.com/who/dmr/ [bell-labs.com]
http://plan9.bell-labs.com/7thEdMan/v7vol1.p [bell-labs.com]

Re:

[mlts]

Jolitz's 386BSD (the BSD that FreeBSD, NetBSD forked from), due to ITAR requirements, stored passwords in /etc/passwd (I think it had the option to run pwconv to move them to /etc/shadow, but don't remember) in 100% plaintext. You could recompile from source with a flag for the usual crypt(3) function, like other UNIX variants.

Early Linux distros (SLS) always used crypt(3) for their passwords, originally stored the passwords in /etc/passwd, but around '92 or '93, they moved to storing them in /etc/shadow.

Re:

[blhack]

Passwords should never be saved as plaintext"

Tell that to /etc/passwd, bitch!

Hmm. There are no passwords (hashes or otherwise) in my /etc/password file.

You fail at funny. The fact that /etc/passwd hasn't contained password data for YEARS is funny because every newbie linux user who downloaded "how to hack.txt" and read that using linux will turn them into a cr4ck1ng GOD finds /etc/passwd and freaks out so hard that they almost knock that two liter of generic Dr. Pepper all over moms carpet every time they find it.

Wow that is a long sentance, am i writing EULAs or is the the 18th century?

Re:

[caluml]

Tell that to /etc/passwd, bitch!

Am I falling for something here by pointing out that there aren't any passwords in /etc/passwd - even the ones in /etc/shadow are crypted, and the file is 400.

Test ophcrack live.

[realdodgeman]

Ophcrack live (CD) does not crack all windows passwords, only about 99%. Still it uses only 20 minutes and can crack passwords up to 14 characters, while running from a bootable CD. And it is horrifying how few windows sysadmins who know about this...

Re:Test ophcrack live.

[gad_zuki!]

First off, it certainly does not crack 99% of passwords. A reasonable password policy means it wont crack anything. Its a 700 meg CD. Its very limited. I've seen it fail on some pretty basic stuff. Esentially toss in a !@#$%^&*()_-{};',.? and its screwed.

>And it is horrifying how few windows sysadmins who know about this...

Well, they should be asking "Why are my PCs set up to let the end user boot a CD?" Or "Why do malicious users have physical access to our machines." With physical access youre pretty much sunk. Someone could moutn ntfs, write to the registry where its stores your admin password, and set it to null. I dont care what OS you use, physical access usually means trouble. Heck, if my portable tools cant crack it, I'll just take the hard drive home and work on it at my leisure.

Re:Test ophcrack live.

[realdodgeman]

It does crack 99% of used passwords, not 99% of theoretical passwords.

Re:

[Tim C]

If you're going to be pedantic, it cracks 99% of passwords used on the systems on which it has been used and data is available.

Re:Test ophcrack live.

[krbvroc1]

No, it just makes you very flexible, perhaps double jointed.

Re:Test ophcrack live.

[tkw954]

Ophcrack live (CD) does not crack all windows passwords, only about 99%

Can you please post a list of the remaining 1% and their hashes?

Re:

[thePsychologist]

When I took grade ten computer class for fun I made my password 115 characters (some sentence and the digits of pi), but once I forgot it the first time and had to retype it. The teacher became frustrated so he made me make it shorter.

Re:

[Opportunist]

Oh, I can see the scene.

Teacher: "5 minutes 'til the test ends."
You: "What? I'm still logging in!"

Re:

[smellsofbikes]

Clearly, someone should get busy and make a list of the other 1% of windows passwords it can't crack and start selling them.

(Seriously, I do wonder what the general characteristics are of passwords it can't handle: longer? fewer alpha?)

special chars

[Anonymous Coward]

And that's exactly the reason why I prefer using passwords like: k|$$mY/\rs3

First three entries in the table

[HangingChad]

(blank)

password

password1 That formula will crack 90% of Windows passwords out there. The remaining 10% are what the other 14.999999 GB in the table are for.

Re:First three entries in the table

[Rob T Firefly]

Amazing! That's the same password I have on my luggage!

Re:

[InvisblePinkUnicorn]

"Amazing! That's the same password I have on my luggage!"

Me too! My password is *blank* since I use a key and lock on my luggage.

Re:

[TheThiefMaster]

Don't forget *SameAsUsername*.

Things to note

[nsanders]

The title is a bit of a stretch. Some simple techniques can help protect your self from these attacks. Using special characters will greatly increase the strength of your password, since the rainbow set for ALL characters is 64GB in size. Also, a LONG password, even of simple word can increase the complexity due to its length. Something as simple as my!dear!aunt!sally would be far stronger than 1pass!

Some additional info on this topic can be seen here: http://druid.caughq.org/papers/Mnemonic-Password-Formul [caughq.org]

Re:

[prockcore]

since the rainbow set for ALL characters is 64GB in size

How is that possible? I thought LM did 7 characters with A-Z0-9. Even that gimped password has 36^7 or 78 billion combinations. That would require 1.2 terabytes to store (hash length is 16 bytes).

Re:

[nsanders]

Sorry, not ALL, as in all possible characters. I meant alpha, numeric, and special. If you read the article it shows the character set of "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=~`[]{}|\:;"',.?/" is 64GB in size.

Windows security....

[Mc1brew]

Windows has a security feature it uses when a user attempts to create a 15Gb table called "crashing". This makes it extremely difficult to break in using the tool defined.....

Careful?

[miguel]

"but be careful: the generated tables that Ophcrack uses are really big, and you should need up to 15 Gbytes to store these tables."


Since when 15 gigs were considered "really big"?

Aren't people at conferences handing out USB sticks as schwag with 493424 gigs these days in exchange for your business card?

Re:

[Opportunist]

Since when 15 gigs were considered "really big"?

I guess since some fool said something about 640k being enough.

This is why two factor authentication is necessary

[colinmcnamara]

This is a prime example of the need for a multi layered security model for authentication and authorization of your systems. There are many vendors that supply two factor authentication methods (RSA being the most well known) that provide for one time passwords. Techniques like this effectively mitigate the risk of a user account compromised by use of a hash table like this. BTW, this is nothing new. Rainbow tables have been out for ages. --Colin

Re:This is why two factor authentication is necess

[RingDev]

Or simply require your users to have passwords at least 15 characters long. There was an article out of MS a year or so ago about how the "password" is dead and that "pass phrases" will take over. Not a very well written article, but it did go over the weaknesses of short passwords, hashes, and rainbow files. They are essentially the same thing, only pass phrases are longer... much longer. Instead of having to remember "HYjK))w!x%" (which, if LM Hashed, can be cracked by a rainbow file in short order) you can remember "This is the passworrd for my new computerr". No one is going to carry a 5 terrabyte rainbow file around to try to crack a password that long. And brute force would take years. Given a few spelling mistakes and a dictionary attack will fail.

-Rick

Re:This is why two factor authentication is necess

[SQLGuru]

http://support.microsoft.com/kb/276304 [microsoft.com]

Or just force authentication against the MIT Kerberos domain.....

Your password must be at least 18770 characters and cannot repeat any of your previous 30689 passwords. Please type a different password. Type a password that meets these requirements in both text boxes.

Layne

Re:

[DamnStupidElf]

No one is going to carry a 5 terrabyte rainbow file around to try to crack a password that long.

At least not for a couple years until 5TB hard disks are available.

Re:

[Opportunist]

Give it a year and someone will come up with a clever plan to decypher it again. Don't ask me how, our cypherguys are elsewhere (and I refuse to talk to them, they're creepy!). Some statistical imbalance for this or that if this or that structure is in your sentence, or a flaw in the algorithm because you now have a larger sample to work with than with traditional passwords of 5-10 characters length...

It's always been a race. Don't think one side can win forever.

Re:

[JianTian13]

Eh?

> ttyp5 zhengyi@oracle.local.lan:~
> 0 14:11:43 504 $ echo "This is the passworrd for my new computerr" | md5
fb7393356dd5f5e6d3909e06bf64c91e

> ttyp5 zhengyi@oracle.local.lan:~
> 0 14:11:59 505 $ echo "hello12" | md5
39e8713c209ccefc6ddfafa6aedde5d1

(FreeBSD 6.2 box here; md5 came w/ the system...)

Re:

[RingDev]

A rainbow table is a pre-emptive brute force. You can do the brut force work at your leasure, then when you need to crack a LM Hash encrypted password, you just need to find a matching key in your table and enter the seed that generated that key. But the specific problem in the Windows case is the way LM Hash works. As soon as your password hits 15 characters though, the encryption runs through Kerberos. And I have not heard of any existing rainbow table solution to cracking a Kerberos password. Then again,

Windows passwords Secure?

[nick13245]

First of all, ophcrack only comes with alpha-numeric tables for LM hashes. If you have special characters in your password, you'll have to generate your own table, which takes a very long time, and a lot of hard drive space. Ophcrack does not have the ability to generate Rainbow tables as the article suggest... Second of all, Ophcrack only works well against LM hashes, because with LM hashes, passwords are split into 7 byte halves, then hashed. So you only have to have tables that go up to 7 characters with LM hashes. If you disable LM hashes on your Windows box, and use NTLM hashes, the entire password is hashed, and is not split up. So if you pick a good password, with special characters, that's fairly long, it will be pretty much impossible to crack if your using NTLM only. Even with rainbow tables... The problem is Windows XP (by default) stores passwords as LM and NTLM hashes. So if an attacker can get the LM hashes, they can crack your password easily. You can hack the registry and keep Windows from storing LM hashes. See http://support.microsoft.com/kb/299656 [microsoft.com]

In other words...

[Spy der Mann]

you're telling me that my Hotmail or Yahoo! passwords are much more difficult to crack than the Windows one?

Re:

[Opportunist]

And less interesting, too. When I have your Windows password, installing a keylogger, a BHO or a network traffic collector is trivial and I'll have your Hotmail password too, sooner or later, depending on how often you check your mail.

Jeff Atwood is a hack

[Nick of NSTime]

No pun intended.

There's no need to crack the password

[hernano]

Hi, There's no need to crack the LM&NT hashes of a password, you can use the hash directly on windows using this tool: http://oss.coresecurity.com/projects/pshtoolkit.htm [coresecurity.com] basically you can impersonate on your own windows machine any user if you have the hash, and then use your Windows machine to authenticate to services using that user's credentials. There's no need to know the cleartext password, unless you explicitly want to know the cleartext password to test it on other services that do not use NTLM authentication.

Already in Debian

[paulproteus]

Just a heads-up to those looking to install it easily: This program is already in Debian, thanks to the work of Adam Cécile (Le_Vert). You can see it on the packages page at http://packages.debian.org/lenny/ophcrack [debian.org] .

Big deal

[TheLink]

Actually this doesn't mean you should panic and start using difficult passwords for windows.

This just means you shouldn't use the same passwords for windows as you do for other stuff.

If someone can successfully run 0phcrack on your system (or its lanman hashes) it means they're already in, and they probably already have access to the data they want (can install rootkits, keyloggers etc).

It's laughable to think someone is going to physically bring it to your machine and _bother_ using it without your coopera

L0phtcrack?

[necro2607]

Pretty similar name to L0phtcrack [wikipedia.org]... any relation? If not, you'd think they would be wary of looking like they're trying to play off LC's success. Ahh regardless, reading up on L0pht [wikipedia.org] brings back a lot of memories.. ;)

Re:

[woodhouse]

>If I remember correctly...

Is this another way of saying "I'm about to spew forth a load of FUD".

I guess if it's anti-microsoft FUD, it'll get modded up, right.

Re:

[Penguinisto]

Re: NT:

That may have easily been true for NT 4.0, but (IIRC) Win2k and later stretches 'em out a lot more than 8 chars, esp. with AD password policies turned on. (No, not defending 'doze per se, but it simply doesn't parse IMHO).

But then, NT 4.0 once let you have perfect access to its SAM registry keys by simply letting at.exe open regedt32 for you.

(PS: If it helps, I do agree w/ you perfectly that that's a pretty crappy password.)

/P

Re:

[pegr]

If I remember correctly NT drop anything after the first 8 characters so the password is actually "Fgpyyih8"

You do not remember correctly. LM hashes are created by hashing the first seven characters and the second seven characters, and truncating the hashes together. Yes, instead of having to brute force one fourteen character password, you have to brute two seven character passwords, a much easier proposition.

The hashes are created by using DES56 on the password chunks with a known key. In pract

Re:

[a_nonamiss]

I once took the time (and CPU horsepower) to generate 64GB worth of rainbow tables. I must've done it wrong, though, because it didn't work on anything. I'll happily admit that I was just puttering around, and probably forgot to set some switch somewhere. Fortunately, I had a server that I didn't need for a couple weeks. :)

It's not as simplistic as all that.

[Medievalist]

From the linked blog: "How fast? It can crack the password "Fgpyyih804423" in 160 seconds. Most people would consider that password fairly secure."

Sorry Jeff, but thats a shit password. If I remember correctly NT drop anything after the first 8 characters so the password is actually "Fgpyyih8" You have one uppercase letter in there and one number. That's terrible. Where are your characters like !@#$%^&*()-_+ or extended ascii stuff? Why are you starting with a capitalized letter?

Leaving aside your incorrect remembrance of the NT LM hash algorithm, what makes you think that having funny characters, more than one uppercase, and more than one number increases your security?

Is 53cr3TPa55W@rD a better password than Fgpyyih804423? Why?

It's not a trick question. Can you demonstrate that real security is improved by having a secret string conform to a non-secret policy? Are you sure you haven't got any unexamined assumptions in your reasoning?

You also should think twice about allowing

Re:

[Quasar1999]

Simple, 53cr3TPa55W@rD is still a word. One of the simplest steps in password cracking is taking a list of english words and common passwords and then substituting symbols and numbers for the letters. Secretpassword is a bunch of commonly used words. Now Fgpyyih804423 would have to be hit by random trial and error. So the likely hood of secretpassword being cracked is way higher than random characters.

Re:

[caluml]

I once had a password with a # (what we call a hash) in it. On a UK keyboard, it's on the same key as the ~ key, next to the Enter. On a US keyboard, it's Shift 3 - where our £ (what we call a pound) is.
I once locked out password, after password, after password trying to put it in. It was a UK keyboard too, and I couldn't work out why. Eventually I twigged - someone hadn't changed the default keymap from US at install time.

Re:

[zlogic]

LM hashes split passwords in 8-letter chunks, and for each of them:
1) the last symbol is removed, so the chunk becomes a 7-character password
2) the password is uppercased (yeah, that's dumb)
and then hashes are calculated for these chunks.
BOTH the LM and NTLM (a much more secure hash) hashes are stored in the registry.
So to get a typical 8-character password, you only need to guess the first 7 characters in uppercase.
After that the more secure NTLM hash is used to guess the case of each character and the eig

Re:

[secPM_MS]

The LM hash is a old legacy security technology, ~ 20 years old, and like the crypto of its day, single key DES and 384 bit RSA, is weak. It is off by default in modern Microsoft products, where the more secure NTLMv2 is preferred. If you don't know what your policy is, simply use 15 character or larger passwords. The larger passwords disable the LM hash functionality, forcing movement to NTLM. If you use mixed case and add in numbers and special characters, the resulting large passwords are quite resistant

Re:

[lottameez]

Now that you've fixed the spelling error, perhaps ophcrack can help you with grammar too:

how Ophcrack is capable of generate immense tables of words

Of course it worked!

[Spy der Mann]

Burger without salt = anybody can mug you for your money
Burger WITH salt = You have a full security team recording who comes to visit you, and you have this barrier of protection with reinforced steel bars! PLUS - you have the right to make a call!

See? With salt it's much more secure! :D

Re:

[bhima]

Slashdot has no editors.

Only copyists.