Hackers Get Smarter and Passwords Get Weaker: Consumers Beware

  • Eye-opening research from 2007 revealed that Internet users maintain an average of 25 Internet accounts but only use an average of 6.5 passwords to protect those accounts.
  • So if hackers discover one password, they can likely break into several accounts — especially since many users use e-mail addresses as usernames.
  • Leaked password scandals, like the one involving LinkedIn earlier this year, help hackers analyze password patterns. They then use that information to develop algorithms that are faster and more precise than ever.
  • This happened on a grand scale in 2009, when 32 million passwords were leaked from the gaming service RockYou.com. With that data, hackers compiled the largest collection of plaintext passwords in history, which helps them crack passwords in increasing numbers.
  • “It’s been an exciting year for password crackers because of the amount of data,” explains Rick Redman, who does penetration testing for the security firm KoreLogic. “Cracking 16-character passwords is something I could not do four or five years ago, and it’s not because I have more computers now.”
  • A technique known as “rainbow tables” helps hackers crack passwords of 7-8 characters. This length is typically too long for GPU-based brute-force password cracking.
  • Using rainbow tables, rather “than asking a computer to enumerate each possible password in real-time and compare it against a targeted hash, precalculated data was stored in memory or on disk in a highly compressed form to speed up the process and lower the computing requirements needed to brute force huge numbers of hashes,” explains Ars Technica.
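
The time-memory trade-off described in the last bullet, as an added example that is not from the original article: a toy rainbow table that stores only one (endpoint, start) pair per chain instead of every password and hash. The 4-digit PIN keyspace, the unsalted SHA-256 hash, the chain parameters and the salt value are all constructed assumptions; the last lines show the defender's side, where a salted hash is not covered by the precomputed table.

```python
import hashlib

# Constructed toy parameters (assumptions): 4-digit PINs, unsalted SHA-256.
KEYSPACE, CHAIN_LEN, NUM_CHAINS = 10_000, 40, 1_000

def H(pw: str) -> str:
    """Fast unsalted hash, the kind of target precomputed tables rely on."""
    return hashlib.sha256(pw.encode()).hexdigest()

def reduce(digest: str, col: int) -> str:
    """Map a digest back into the keyspace; differs per column."""
    return f"{(int(digest[:8], 16) + col) % KEYSPACE:04d}"

def build_table() -> dict:
    """Precompute chains but store only endpoint -> start for each."""
    table = {}
    for n in range(NUM_CHAINS):
        start = pw = f"{n:04d}"
        for col in range(CHAIN_LEN):
            pw = reduce(H(pw), col)
        table.setdefault(pw, start)  # chains sharing an endpoint: keep one
    return table

def lookup(table: dict, target: str):
    """Return the preimage of target if some stored chain covers it."""
    for col in range(CHAIN_LEN - 1, -1, -1):  # guess the target's column
        pw = reduce(target, col)
        for c in range(col + 1, CHAIN_LEN):
            pw = reduce(H(pw), c)
        cand = table.get(pw)
        if cand is None:
            continue
        for c in range(CHAIN_LEN):  # replay chain; endpoint hits can be false alarms
            if H(cand) == target:
                return cand
            cand = reduce(H(cand), c)
    return None

if __name__ == "__main__":
    table = build_table()
    pin = next(iter(table.values()))
    print("stored pairs:", len(table), "of", KEYSPACE, "possible PINs")
    print("unsalted hash recovered:", lookup(table, H(pin)) == pin)
    # Defender's view (assumption: a per-user random salt is prepended before
    # hashing): the table was built for H(pin), so H(salt + pin) is not in it.
    print("salted hash recovered:", lookup(table, H("k3Q9" + pin)) is not None)
```

Coverage of a table like this is probabilistic: a PIN is recovered only if it lies on one of the stored chains.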
