|
Title: Encrypted info found??? Post by: lencom on November 12, 2013, 05:20:04 AM IDK but i was searching for someone on Google and found this
http://cryptolingus.net/dls/hashes/Raw_Dumps/PasswordFile_12.txt can anyone tell me what it is?? I'm scared to say it may be our info but idk and hopefully everyone has changed their passwords ASAP. Title: Re: Encrypted info found??? Post by: Atruk on November 12, 2013, 05:30:04 AM IDK but i was searching for someone on Google and found this http://cryptolingus.net/dls/hashes/Raw_Dumps/PasswordFile_12.txt can anyone tell me what it is?? I'm scared to say it may be our info but idk and hopefully everyone has changed their passwords ASAP. This appears to be the Mt Gox dump from way back. Title: Re: Encrypted info found??? Post by: lencom on November 12, 2013, 05:48:26 AM IDK but i was searching for someone on Google and found this http://cryptolingus.net/dls/hashes/Raw_Dumps/PasswordFile_12.txt can anyone tell me what it is?? I'm scared to say it may be our info but idk and hopefully everyone has changed their passwords ASAP. This appears to be the Mt Gox dump from way back. Title: Re: Encrypted info found??? Post by: Atruk on November 12, 2013, 06:55:27 AM IDK but i was searching for someone on Google and found this http://cryptolingus.net/dls/hashes/Raw_Dumps/PasswordFile_12.txt can anyone tell me what it is?? I'm scared to say it may be our info but idk and hopefully everyone has changed their passwords ASAP. This appears to be the Mt Gox dump from way back. No idea. Is your username in there? Title: Re: Encrypted info found??? Post by: lencom on November 12, 2013, 07:19:20 AM IDK but i was searching for someone on Google and found this http://cryptolingus.net/dls/hashes/Raw_Dumps/PasswordFile_12.txt can anyone tell me what it is?? I'm scared to say it may be our info but idk and hopefully everyone has changed their passwords ASAP. This appears to be the Mt Gox dump from way back. No idea. Is your username in there? Title: Re: Encrypted info found??? Post by: Atruk on November 12, 2013, 07:35:45 AM IDK but i was searching for someone on Google and found this http://cryptolingus.net/dls/hashes/Raw_Dumps/PasswordFile_12.txt can anyone tell me what it is?? I'm scared to say it may be our info but idk and hopefully everyone has changed their passwords ASAP. This appears to be the Mt Gox dump from way back. No idea. Is your username in there? Jed being user number 1 seems like a giveaway that it is the old MtGox dump. Title: Re: Encrypted info found??? Post by: joeyjoe on November 12, 2013, 06:02:13 PM Well email could be (and probably has been) used for bitcoin spam /.fishing.
The passwords are likely encrypted with a salt so would be very hard to reverse. Title: Re: Encrypted info found??? Post by: redtwitz on November 13, 2013, 01:13:14 AM The passwords are likely encrypted with a salt so would be very hard to reverse. Sort of. Passwords should be hashed, not encrypted. Encryption is reversible and would require an encryption key that has to get stored as well on the server. If somebody obtains access to the encrypted passwords and the key, obtaining the actual passwords is straightforward. Luckily, this is not the case here. The first two lines of the dump say: Code: UserID,Username,Email,Password "$1" means that the MD5 hash of the user's password salted with "E1xAsgR1" is "vPt0d/L3f81Ys3SxJ7rIh/". As long as somebody is using a strong enough password, MD5 works reasonably well for this purpose, i.e., it isn't possible to obtain the password from the salted hash. However, MD5's speed makes brute-force attacks on weak passwords considerably less expensive than deliberately slow functions like bcrypt, scrypt of simply thousands of iterations of SHA-512. Even my OS uses the latter by default. I'd expect the same fro a service handling my money... Bottom line: Don't use weak passwords! Never, ever, reuse a password! Title: Re: Encrypted info found??? Post by: joeyjoe on November 13, 2013, 08:36:41 AM Yes I meant hashed.
|