BTC Economist
Member
Offline
Activity: 112
Merit: 10
June 28, 2011, 08:03:20 PM
My password wasn't on there, so I'll just throw it out there. My old mtgox password was 5kGrv3cM5-W_VKc9d6Zc. And no, I don't use it for anything else....
Edit: I've also started using 30 character passwords now too. All this talk about cracking 10 characters in 3 seconds has me paranoid!
I use the same password, what a coincidence.
When BTC soars, you need to be READY! PM me to learn more about my new e-book, How to Create and Profit from the Second Bitcoin Bubble available exclusively to BTC forum members!
17JzkreEBYNHQM9tMTiUKCHANofwzHRLhP
justusranvier
Legendary
Offline
Activity: 1400
Merit: 1013
June 28, 2011, 08:08:16 PM
That's the stupidest combination I've ever heard in my life! The kind of thing an idiot would have on his luggage!
Bunghole
Member
Offline
Activity: 64
Merit: 10
June 28, 2011, 08:13:10 PM
That's the stupidest combination I've ever heard in my life! The kind of thing an idiot would have on his luggage!
Spaceballs!
TECSHARE
In memoriam
Legendary
Offline
Activity: 3318
Merit: 2008
First Exclusion Ever
June 28, 2011, 08:28:47 PM
26533: hackthis123191 haha! i'm using the internet!!!1
flug
June 28, 2011, 08:58:11 PM
There are about 3000 passwords there out of about 60,000 accounts, or about 5% of the total.
So if it was brute force why only crack 5% of them? They must have used additional info from somewhere.
FlipPro
Legendary
Offline
Activity: 1764
Merit: 1015
June 28, 2011, 09:01:22 PM
This plays into my theory that everything will be public for the world to see in the future. Part of the NWO, Apocalypse, and Utopia theories. Depending on your "views" of it.
Xer0
June 28, 2011, 09:02:35 PM
[conspiracy] this list was generated during the Mt.Gox account recovery phase. [/conspiracy]
Maybe he didn't clean the server completely? What if there was some kind of backdoor? Remember that you had to enter your old password on the recovery form. As soon as the initial hackers knew about the recovery procedure, they manipulated the scripts so that the input is stored in plaintext or sent somewhere. Then it just gets matched to username/email and voila.
This can be checked like so:
Did anyone who did NOT recover his MtGox account AND has a safe password find himself on the list?
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
June 28, 2011, 09:05:24 PM
I get the feeling that this list isn't any of the bruteforced passwords - only the people that fell for the phishing attacks.
airdata
June 28, 2011, 09:09:26 PM
So, I'm not cracked. Yet ?
Nice. Makes me feel all warm inside.
dserrano5
Legendary
Offline
Activity: 1974
Merit: 1029
June 28, 2011, 09:18:00 PM
I'm not there. My password was 10 chars long.
tsvekric
June 28, 2011, 09:22:18 PM
And the uncracked password list that was released had the salts along with each password, so being 'salted' or 'unsalted' shouldn't matter...

Yes, it matters. A lot. Salted means you have to crack each password individually. You have to run through the entire list of candidates (until a match) for each and every salted password (given unique salts). With unsalted passwords you can run through the wordlist once, and get all matching passwords with a single MD5 run for each word in your wordlist. It doesn't matter for one single password, but for 60000 salting means 60000 times more work. And salting renders rainbow tables useless, because you'd have to build one rainbow table for each possible salt.

But the salts are given. Correct me if I'm wrong, I'm new to understanding this: a password hash here is given as a salt*md5*password sort of setup. If it was just md5*password, you can solve the md5 and then just run that through the list of hashes to get all the passwords? But if the salts are given then password crackers aren't trying to figure out the [salt] part of the equation, so you can effectively remove that and it just becomes md5*password again. Right? Like if you have: [salt1]*md5*[password1] [salt2]*md5*[password2] etc... it's really hard to solve because you have to crack each individual salt - BUT you don't have to crack each individual md5. If the salts are listed right there on the table (and on MtGox that's what happened) then you're not cracking salts, just the md5 again. That's how they get all these super-complex passwords - right? They solved one simple md5 pass, and then used the given salts to get any password instantly. Or am I not understanding how this works....
Hey TeKillaSunRise, check it out
-qwe2323
Serge
Legendary
Offline
Activity: 1050
Merit: 1000
June 28, 2011, 09:22:45 PM
no one mentioned rootkits and keyloggers?
finack
Member
Offline
Activity: 126
Merit: 10
June 28, 2011, 09:41:34 PM
Or am I not understanding how this works....

Salts prevent people from pre-computing large amounts of hashes and then just simply comparing the hashes to see what the password is. These large lists of pre-computed hashes are called rainbow tables. Let's imagine you and I both have the same password. If you use an unsalted hash, the resulting hash of the password will always be the same.
user:hashed_password
me:54yg7(momlk32
you:54yg7(momlk32
If I had a rainbow table for that type of hash, it might have an entry like:
54yg7(momlk32:password1
And I'd just have to search for it, not have to do any hashing, and I'd find both our passwords out. On the other hand, if I use salts with the hash, the result would look more like this:
user:$salt$hash
me:$yg$sdf87dsfgbh^%$szdfds
you:$7z$powiuer9asd3ee343z^%
Practically this prevents me from computing a bunch of hashes beforehand and simply comparing the results to the stored hashes. You and I both still have the same weak password, but since a salt was used they have to be cracked independently. It's not a big hurdle, but it's something.
Grinder
Legendary
Offline
Activity: 1284
Merit: 1001
June 28, 2011, 10:33:32 PM
A random selection of some of the more secure looking passwords:
60x8760b6k328vc3v24kw8y1
Y!m4g6s3j*
Ev3rL@NRDX11090821
b1Ackb0x3!1
8W3G7Pds9712++
c65b5DF488
mgq$jc)kw3
w@chtw00rdLanimret!
acy7zkprddv2k3iFd&
VeryStrongPassword
There is probably some kind of pattern in all the difficult looking passwords that the cracker happens to find through clever combinations of dictionary attacks, leet speak decoding, common combinations and brute forcing. For instance Ev3rL@NRDX11090821 = Everland (a place) RDX (an explosive) and a number. w@chtw00rdLanimret! = Watch word Lanimret! I would also have thought some of these were safe, though.
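A defender-side illustration of the pattern Grinder describes: undo the common leet substitutions and look for dictionary words, which is what a password-policy checker would do before accepting a "complex looking" password. This is an added example, not code from this thread or from Mt.Gox; the small dictionary and the substitution table are constructed here, and a real checker would load full wordlists (per language, since some of the words are Dutch).

```python
# Constructed mini dictionary for the demonstration only; a real checker would
# load a full wordlist rather than a hand-picked set.
DICTIONARY = {"everland", "ever", "wachtwoord", "black", "box",
              "very", "strong", "password"}

# Common leet substitutions as a str.translate table (constructed here; the
# exact set a cracker uses is not known from the thread).
LEET = str.maketrans({
    "0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t",
    "@": "a", "$": "s", "!": "i",
})


def candidate_forms(password: str) -> list:
    """Lower-cased spellings under which to search for dictionary words:
    the raw form and the leet-decoded form."""
    lower = password.lower()
    return [lower, lower.translate(LEET)]


def dictionary_words_in(password: str) -> set:
    """Dictionary words that appear anywhere in the password, with or without
    leet decoding. An empty set means no recognisable word was found."""
    found = set()
    for form in candidate_forms(password):
        for word in DICTIONARY:
            if word in form:
                found.add(word)
    return found


def looks_word_based(password: str) -> bool:
    """Policy check: flag passwords that are dictionary words dressed up with
    leet substitutions, digits and punctuation."""
    return bool(dictionary_words_in(password))


if __name__ == "__main__":
    # Sample inputs taken from the list quoted in the thread above.
    for pw in ["Ev3rL@NRDX11090821", "w@chtw00rdLanimret!", "b1Ackb0x3!1",
               "VeryStrongPassword", "60x8760b6k328vc3v24kw8y1"]:
        print(f"{pw:26} words={sorted(dictionary_words_in(pw))} "
              f"word_based={looks_word_based(pw)}")
```

Note that the decoder reads Ev3rL@NRDX as "everlan", so it flags "ever" rather than "everland"; the point of the check is that any recognisable word, in any spelling, shrinks the search space far below what the raw character classes suggest, which is why only the random-looking 60x8760b6k328vc3v24kw8y1 passes.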
enmaku
June 28, 2011, 10:52:57 PM
I'm on the list, but I figured I would be - it was medium-strength password at best. Of course I *never* kept a balance for any longer than it took to buy or sell, then I transferred immediately to my wallet or Dwolla where I did *not* use a medium-strength password.
MrMagic
Newbie
Offline
Activity: 34
Merit: 0
June 28, 2011, 11:20:02 PM
I'm really wondering how they got some of the passwords now because my brother's account is in the list but mine is not. We used the same password....
stapler117
Newbie
Offline
Activity: 56
Merit: 0
June 28, 2011, 11:44:43 PM
Sweet! I'm not there! I used an 8-character long password with uppercase, lowercase, and numbers. Foolishly, I set other bitcoin-related passwords to the same one. As soon as I saw the news, I changed every site to a different 15-character long password with uppercase, lowercase, numbers, and symbols. Now I should apply this to RL...
Nescio
Jr. Member
Offline
Activity: 56
Merit: 1
June 28, 2011, 11:50:44 PM
With unsalted passwords you can run through the wordlist once, and get all matching passwords with a single MD5 run for each word in your wordlist. It doesn't matter for one single password, but for 60000 salting means 60000 times more work.

Since it is extremely unlikely that all 60000 passwords were the same, you still have to brute force the rest. If you assume a more reasonable 3000 passwords that are either identical or the same as the mail address for example, the difference between everything salted or not is only 60/57=5% more work. Salting only (significantly) helps against rainbow tables.
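The disagreement between tsvekric, finack and Nescio above comes down to counting hash computations, so here is an added example that does exactly that. It is not code from this thread or from Mt.Gox; it assumes a stored layout of md5(salt + password) with the salt kept in clear next to the hash (as the thread says the leaked file had), and the users, passwords, salts and attacker wordlist are all constructed for the demonstration.

```python
import hashlib
import secrets

# Constructed sample data (not real Mt.Gox records): four users, two of whom
# share a weak password, plus a small attacker wordlist.
WORDLIST = ["123456", "letmein", "password1", "dragon", "qwerty", "hunter2"]
USERS = {
    "alice": "password1",
    "bob": "password1",      # same password as alice
    "carol": "hunter2",
    "dave": "Tr0ub4dor&3",   # not in the wordlist, so never recovered here
}


def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode()).hexdigest()


def store_unsalted(users: dict) -> dict:
    """Unsalted storage: identical passwords produce identical hashes."""
    return {user: md5_hex(pw) for user, pw in users.items()}


def store_salted(users: dict) -> dict:
    """Salted storage. The salt is kept in clear beside the hash; layout
    assumed here is md5(salt + password)."""
    stored = {}
    for user, pw in users.items():
        salt = secrets.token_hex(4)          # constructed per-user salt
        stored[user] = (salt, md5_hex(salt + pw))
    return stored


def crack_unsalted(stored: dict, wordlist: list) -> tuple:
    """Hash every candidate once, then look up each user's hash in the table.
    Returns (recovered passwords, number of MD5 computations). The table is
    the 'rainbow table' idea: built once, reusable against any unsalted dump."""
    table = {md5_hex(word): word for word in wordlist}
    hashes_done = len(wordlist)
    recovered = {user: table[h] for user, h in stored.items() if h in table}
    return recovered, hashes_done


def crack_salted(stored: dict, wordlist: list) -> tuple:
    """Knowing the salt does not let the attacker reuse work: md5(salt + word)
    differs per salt, so each user costs a fresh pass over the wordlist
    (stopping early on a match). Returns (recovered, MD5 computations)."""
    recovered = {}
    hashes_done = 0
    for user, (salt, target) in stored.items():
        for word in wordlist:
            hashes_done += 1
            if md5_hex(salt + word) == target:
                recovered[user] = word
                break
    return recovered, hashes_done


if __name__ == "__main__":
    rec_u, n_u = crack_unsalted(store_unsalted(USERS), WORDLIST)
    rec_s, n_s = crack_salted(store_salted(USERS), WORDLIST)
    print(f"unsalted: recovered {rec_u} with {n_u} MD5 calls")
    print(f"salted:   recovered {rec_s} with {n_s} MD5 calls")
```

Both runs recover the same three weak passwords, which is Nescio's point: a published salt does nothing against a dictionary attack on a weak password. The unsalted run needs one MD5 per wordlist entry (6) for the whole dump, while the salted run needs a pass per user (18 here, bounded by users times wordlist), which is finack's and the "Yes, it matters" post's point: the salt removes the shared work and the reusable table, not the weakness of the password itself.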
indio007
June 28, 2011, 11:53:58 PM
Luckily mine wasn't cracked. Password WAS iamdana1qaz0p;/
XIU
June 28, 2011, 11:57:28 PM
There is probably some kind of pattern in all the difficult looking passwords that the cracker happens to find through clever combinations of dictionary attacks, leet speak decoding, common combinations and brute forcing. For instance Ev3rL@NRDX11090821 = Everland (a place) RDX (an explosive) and a number. w@chtw00rdLanimret! = Watch word Lanimret!
I would also have thought some of these were safe, though.
Actually, "wachtwoord" means password in Dutch.