Overclock.net › Forums › Industry News › Technology and Science News › [Ars] Why passwords have never been weaker—and crackers have never been stronger
New Posts  All Forums:Forum Nav:

[Ars] Why passwords have never been weaker—and crackers have never been stronger

post #1 of 49
8/21/12 at 2:17pm
Thread Starter 
Quote:
Originally Posted by Dan Goodin 
The average Web user maintains 25 separate accounts but uses just 6.5 passwords to protect them, according to a landmark study (PDF) from 2007. As the Gawker breach demonstrated, such password reuse, combined with the frequent use of e-mail addresses as user names, means that once hackers have plucked login credentials from one site, they often have the means to compromise dozens of other accounts, too.

Why passwords have never been weaker—and crackers have never been stronger

My password has yet to be compromised, but one day... Guess I better make a set of extra passwords for the day.
Dynamix
(13 items)
  		  
CPUMotherboardGraphicsRAM
i7-860 Gigabyte GA-P55A-UD4P Radeon 5770 HD Corsair Domintor Twins 
Hard DriveOptical DriveOSMonitor
WD Caviar Black, 500gb Sony Optiarc Windows 7 Ultimate Samsung P2570HD 
KeyboardPowerCaseMouse
Logitech G110 Corsair 750W HX Antec p183 Logitech MX Revolution 
View all
  hide details  
Reply
Dynamix
(13 items)
  		  
CPUMotherboardGraphicsRAM
i7-860 Gigabyte GA-P55A-UD4P Radeon 5770 HD Corsair Domintor Twins 
Hard DriveOptical DriveOSMonitor
WD Caviar Black, 500gb Sony Optiarc Windows 7 Ultimate Samsung P2570HD 
KeyboardPowerCaseMouse
Logitech G110 Corsair 750W HX Antec p183 Logitech MX Revolution 
View all
  hide details  
Reply
post #2 of 49
8/21/12 at 2:21pm

Quote:
This $12,000 computer, dubbed Project Erebus v2.5 by creator d3ad0ne, contains eight AMD Radeon HD7970 GPU cards. Running version 0.10 of oclHashcat-lite, it requires just 12 hours to brute force the entire keyspace for any eight-character password containing upper- or lower-case letters, digits or symbols. It aided Team Hashcat in winning this year's Crack Me If You Can contest.

I really need to get better passwords frown.gif
Woot
(16 items)
  		  
CPUMotherboardGraphicsRAM
Intel 2700k Asrock Z68 Extreme3 Gen 3 GTX 680 16gb Corsair Vengeance ddr3 1600 
Hard DriveOptical DriveCoolingOS
120gb Intel 510 series ssd, 80gb Intel 320 seri... Asus dvdrw Corsair h80 + 9 case fans Win 7 64bit 
MonitorKeyboardPowerCase
Dell U2711 Razer Blackwidow PC P&C 950w Silencer Corsair 400r 
MouseMouse PadAudioAudio
Razer Mamba 2012 Black Ultrasone 550's, X-fi Titanium HD  M-Audio AV40 
View all
  hide details  
Reply
Woot
(16 items)
  		  
CPUMotherboardGraphicsRAM
Intel 2700k Asrock Z68 Extreme3 Gen 3 GTX 680 16gb Corsair Vengeance ddr3 1600 
Hard DriveOptical DriveCoolingOS
120gb Intel 510 series ssd, 80gb Intel 320 seri... Asus dvdrw Corsair h80 + 9 case fans Win 7 64bit 
MonitorKeyboardPowerCase
Dell U2711 Razer Blackwidow PC P&C 950w Silencer Corsair 400r 
MouseMouse PadAudioAudio
Razer Mamba 2012 Black Ultrasone 550's, X-fi Titanium HD  M-Audio AV40 
View all
  hide details  
Reply
post #3 of 49
8/21/12 at 2:26pm
Personally, this scares me enough to make individual passwords for every account now. And to try this instead:

http://imgs.xkcd.com/comics/password_strength.png
Boinzy
(14 items)
  		  
CPUMotherboardGraphicsRAM
AMD Phenom II X4 955 GA-MA785GMT-UD2H EVGA GTX 470 ADATA 2x2gb 1600 MHz 
Hard DriveOptical DriveOSOS
Seagate 250GB, 1TB Asus DRW-24B1ST Windows 7 Ultimate 64bit Linux Mint 10 64bit 
MonitorPowerCaseMouse
Samsung SyncMaster 2043NWX 20in LCD Antec Earthwatts 650W Antec 300 Illusion MS Intellimouse 1.0 
View all
  hide details  
Reply
Boinzy
(14 items)
  		  
CPUMotherboardGraphicsRAM
AMD Phenom II X4 955 GA-MA785GMT-UD2H EVGA GTX 470 ADATA 2x2gb 1600 MHz 
Hard DriveOptical DriveOSOS
Seagate 250GB, 1TB Asus DRW-24B1ST Windows 7 Ultimate 64bit Linux Mint 10 64bit 
MonitorPowerCaseMouse
Samsung SyncMaster 2043NWX 20in LCD Antec Earthwatts 650W Antec 300 Illusion MS Intellimouse 1.0 
View all
  hide details  
Reply
post #4 of 49
8/21/12 at 2:27pm
1) 25 accounts??
2) I only have 3 7970's frown.gif
My Scarlet Sin
(16 items)
 
HTPC
(12 items)
  		 
CPUMotherboardGraphicsRAM
Core i7-3770k @ 4.8GHz HT ASRock Z77 Extreme6 2xReference HD7970 CFX 4x4GB Vengeance @ 1600 CAS7 
Hard DriveCoolingOSMonitor
120GB Plextor M3 SSD | 2x1TB RE4 RAID 1 XSPC Rasa | RX120/240 Windows 7 x64 27" Overlord | 22" U2211H | 32" CCFL Sony 
KeyboardPowerCaseMouse
daskeyboard Ultimate S Silent Seasonic X-760 Lian-Li PC-8FIR Razer Deathadder 3.5 
AudioOther
Titanium HD + Objective2 Samson Monitors + 10" sub 
View all
CPUMotherboardGraphicsRAM
Core i3-2100 Zotac Z68ITX MSI GTX560 Ti TF2 - soon to be GTX680 2x2GB G.Skill ECO 1600mhz CAS7 
Hard DriveOptical DriveOSMonitor
120GB Intel 520 SSD | 1TB WD Caviar Black ASUS BluRay Windows 7 x64 Sony Bravia 
KeyboardPowerCaseMouse
Filco Majestouch Camo 600w Silverstone something or other Lian-Li PC-V352 Logitech M500 
View all
  hide details  
Reply
My Scarlet Sin
(16 items)
 
HTPC
(12 items)
  		 
CPUMotherboardGraphicsRAM
Core i7-3770k @ 4.8GHz HT ASRock Z77 Extreme6 2xReference HD7970 CFX 4x4GB Vengeance @ 1600 CAS7 
Hard DriveCoolingOSMonitor
120GB Plextor M3 SSD | 2x1TB RE4 RAID 1 XSPC Rasa | RX120/240 Windows 7 x64 27" Overlord | 22" U2211H | 32" CCFL Sony 
KeyboardPowerCaseMouse
daskeyboard Ultimate S Silent Seasonic X-760 Lian-Li PC-8FIR Razer Deathadder 3.5 
AudioOther
Titanium HD + Objective2 Samson Monitors + 10" sub 
View all
CPUMotherboardGraphicsRAM
Core i3-2100 Zotac Z68ITX MSI GTX560 Ti TF2 - soon to be GTX680 2x2GB G.Skill ECO 1600mhz CAS7 
Hard DriveOptical DriveOSMonitor
120GB Intel 520 SSD | 1TB WD Caviar Black ASUS BluRay Windows 7 x64 Sony Bravia 
KeyboardPowerCaseMouse
Filco Majestouch Camo 600w Silverstone something or other Lian-Li PC-V352 Logitech M500 
View all
  hide details  
Reply
post #5 of 49
8/21/12 at 2:27pm
LastPass post-flame-small.gifthumb.gif
Z77DEFINE
(12 items)
 
220ESXi
(11 items)
 
X120E
(13 items)
 
CPUMotherboardGraphicsRAM
i7-2600K ASRock Z77 Professional-M ASUS ENGTX570 DCII 16GB (2x8GB) G.SKILL 16GBXL 
Hard DriveCoolingOSMonitor
Corsair F.GT 120GB | Vertex 30 | 2xWD VR 300 RAID0 Antec KÜHLER H2O 620 P/P Windows 7 Professional x64 2x HP 30" S-IPS LCD ZR30w 
KeyboardPowerCaseMouse
Logitech G15 Corsair Pro Series Gold AX850 Fractal Design Define Mini Logitech G9x 
View all
CPUMotherboardRAMHard Drive
AMD FX-6300 Vishera 3.5GHz (4.1GHz Turbo) ASRock 970 EXTREME4 AM3+ AMD 970 16GB (2 x 8GB) Kingston HyperX DDR3 1600 (KHX16... TBD 
CoolingOSOSOS
Corsair H50 w/PP PWM Fans VMware vSphere ESXi 5.1 Nas4Free Debian 
OSPowerCase
WHS 2011 CORSAIR CMPSU-400CX 400W ATX12V V2.2 80 PLUS NZXT SOURCE 220 
View all
CPUGraphicsRAMHard Drive
AMD Fusion Processor E-350 1.6Ghz AMD Radeon HD 6310 2 GB DDR3 Zalman S Series 64GB SSD 
OSMonitor
Windows 7 Professional x64 11.6" HD (1366x768) AntiGlare 
View all
  hide details  
Reply
Z77DEFINE
(12 items)
 
220ESXi
(11 items)
 
X120E
(13 items)
 
CPUMotherboardGraphicsRAM
i7-2600K ASRock Z77 Professional-M ASUS ENGTX570 DCII 16GB (2x8GB) G.SKILL 16GBXL 
Hard DriveCoolingOSMonitor
Corsair F.GT 120GB | Vertex 30 | 2xWD VR 300 RAID0 Antec KÜHLER H2O 620 P/P Windows 7 Professional x64 2x HP 30" S-IPS LCD ZR30w 
KeyboardPowerCaseMouse
Logitech G15 Corsair Pro Series Gold AX850 Fractal Design Define Mini Logitech G9x 
View all
CPUMotherboardRAMHard Drive
AMD FX-6300 Vishera 3.5GHz (4.1GHz Turbo) ASRock 970 EXTREME4 AM3+ AMD 970 16GB (2 x 8GB) Kingston HyperX DDR3 1600 (KHX16... TBD 
CoolingOSOSOS
Corsair H50 w/PP PWM Fans VMware vSphere ESXi 5.1 Nas4Free Debian 
OSPowerCase
WHS 2011 CORSAIR CMPSU-400CX 400W ATX12V V2.2 80 PLUS NZXT SOURCE 220 
View all
CPUGraphicsRAMHard Drive
AMD Fusion Processor E-350 1.6Ghz AMD Radeon HD 6310 2 GB DDR3 Zalman S Series 64GB SSD 
OSMonitor
Windows 7 Professional x64 11.6" HD (1366x768) AntiGlare 
View all
  hide details  
Reply
post #6 of 49
8/21/12 at 2:30pm
PwdHasher.
Dell UltraSharp U2312HM
Dell UltraSharp U2312HM
Overkill FTW!
(21 items)
 
For Sale: [For Sale] [Global] iPod Nano 4th Generation 8GB Blue
£29.99 (GBP) or best offer
CPUMotherboardGraphicsRAM
[Intel] Core i7 3930K [ASUS] RAMPAGE IV EXTREME [EVGA] GeForce GTX 670 4GB SuperClocked+ with b... [G.Skill] RipjawsZ 16GB 1866 
Hard DriveHard DriveOptical DriveCooling
[Samsung] 830 256GB [Samsung] 840 500GB [Sony] El cheapo CD reader [Corsair] H100 
CoolingCoolingOSOS
4x [Corsair] Air Series SP120 High Performance [Lamptron] FC6 [Microsoft] Windows 8 Pro x86-64 [Mint] Linux Mint 13 running on [Microsoft] HyperV 
MonitorKeyboardPowerCase
[Dell] U2312HM [Razer] BlackWidow [Corsair] AX750 [NZXT] Switch 810 
MouseMouse PadAudioAudio
[Corsair] M60 [IKEA] Table. [ASUS] Xonar DX [Creative] T3130 
Audio
[JVC] HA-RX700 
View all
  hide details  
Reply
Dell UltraSharp U2312HM
Dell UltraSharp U2312HM
Overkill FTW!
(21 items)
 
For Sale: [For Sale] [Global] iPod Nano 4th Generation 8GB Blue
£29.99 (GBP) or best offer
CPUMotherboardGraphicsRAM
[Intel] Core i7 3930K [ASUS] RAMPAGE IV EXTREME [EVGA] GeForce GTX 670 4GB SuperClocked+ with b... [G.Skill] RipjawsZ 16GB 1866 
Hard DriveHard DriveOptical DriveCooling
[Samsung] 830 256GB [Samsung] 840 500GB [Sony] El cheapo CD reader [Corsair] H100 
CoolingCoolingOSOS
4x [Corsair] Air Series SP120 High Performance [Lamptron] FC6 [Microsoft] Windows 8 Pro x86-64 [Mint] Linux Mint 13 running on [Microsoft] HyperV 
MonitorKeyboardPowerCase
[Dell] U2312HM [Razer] BlackWidow [Corsair] AX750 [NZXT] Switch 810 
MouseMouse PadAudioAudio
[Corsair] M60 [IKEA] Table. [ASUS] Xonar DX [Creative] T3130 
Audio
[JVC] HA-RX700 
View all
  hide details  
Reply
post #7 of 49
8/21/12 at 2:30pm
Thread Starter 
Quote:
Originally Posted by Boinz View Post

Personally, this scares me enough to make individual passwords for every account now. And to try this instead:
http://imgs.xkcd.com/comics/password_strength.png

I prefer Password Haystacks, as described by Steve Gibson. https://www.grc.com/haystack.htm
Dynamix
(13 items)
  		  
CPUMotherboardGraphicsRAM
i7-860 Gigabyte GA-P55A-UD4P Radeon 5770 HD Corsair Domintor Twins 
Hard DriveOptical DriveOSMonitor
WD Caviar Black, 500gb Sony Optiarc Windows 7 Ultimate Samsung P2570HD 
KeyboardPowerCaseMouse
Logitech G110 Corsair 750W HX Antec p183 Logitech MX Revolution 
View all
  hide details  
Reply
Dynamix
(13 items)
  		  
CPUMotherboardGraphicsRAM
i7-860 Gigabyte GA-P55A-UD4P Radeon 5770 HD Corsair Domintor Twins 
Hard DriveOptical DriveOSMonitor
WD Caviar Black, 500gb Sony Optiarc Windows 7 Ultimate Samsung P2570HD 
KeyboardPowerCaseMouse
Logitech G110 Corsair 750W HX Antec p183 Logitech MX Revolution 
View all
  hide details  
Reply
post #8 of 49
8/21/12 at 2:48pm
I will never understand why large websites don't salt the hashes.
Part Time Research Assistant
(15 items)
 
HTPC
(8 items)
  		 
CPUMotherboardGraphicsRAM
i7-3930k MSI X79MA-GD45 Powercolor 7950 G Skill 
Hard DriveCoolingCoolingCooling
Samsung 830 Swiftech Apogee XT Rev. 1 EK-FC HWLabs Black Ice GTX 240 and a Koolance HX-CU72... 
CoolingCoolingOSOS
MCP 35X and a MCP 350 Koolance 401x2 Opensuse 12.1 Windows 7 
KeyboardPowerCase
Ducky OCN with cherry blues Antec True Power New 650W Cooler Master CM690 II 
View all
CPUMotherboardGraphicsRAM
i5-750 Gigabyte p55-ud2 GTX 430 G Skill 
Hard DriveOSPowerCase
Samsung HD204UI Fedora 15 Corsair CX-430 Silverstone GC04 
View all
  hide details  
Reply
Part Time Research Assistant
(15 items)
 
HTPC
(8 items)
  		 
CPUMotherboardGraphicsRAM
i7-3930k MSI X79MA-GD45 Powercolor 7950 G Skill 
Hard DriveCoolingCoolingCooling
Samsung 830 Swiftech Apogee XT Rev. 1 EK-FC HWLabs Black Ice GTX 240 and a Koolance HX-CU72... 
CoolingCoolingOSOS
MCP 35X and a MCP 350 Koolance 401x2 Opensuse 12.1 Windows 7 
KeyboardPowerCase
Ducky OCN with cherry blues Antec True Power New 650W Cooler Master CM690 II 
View all
CPUMotherboardGraphicsRAM
i5-750 Gigabyte p55-ud2 GTX 430 G Skill 
Hard DriveOSPowerCase
Samsung HD204UI Fedora 15 Corsair CX-430 Silverstone GC04 
View all
  hide details  
Reply
post #9 of 49
8/21/12 at 3:12pm
Quote:
Originally Posted by mdatmo View Post

I will never understand why large websites don't salt the hashes.
I prefer ketchup on mine.
Second Iteration
(13 items)
  		  
CPUMotherboardGraphicsRAM
Intel i5 2500k @ 5 GiggleHurtz MSI P67A-GD65 (B3) (2) AMD 6850 CF G.Skill Ripjaws 8GB 
Hard DriveOSMonitorKeyboard
60GB OCZ Vertex 2 + 1.5TB HDD Windows 7 64bit Dell SP2309W 23" 2048x1152 IBM KPD8923 
CaseMouse
NZXT Phantom Black Trackpoint IV 
View all
  hide details  
Reply
Second Iteration
(13 items)
  		  
CPUMotherboardGraphicsRAM
Intel i5 2500k @ 5 GiggleHurtz MSI P67A-GD65 (B3) (2) AMD 6850 CF G.Skill Ripjaws 8GB 
Hard DriveOSMonitorKeyboard
60GB OCZ Vertex 2 + 1.5TB HDD Windows 7 64bit Dell SP2309W 23" 2048x1152 IBM KPD8923 
CaseMouse
NZXT Phantom Black Trackpoint IV 
View all
  hide details  
Reply
post #10 of 49
8/21/12 at 3:13pm
http://www.yubico.com/yubikey

YubiKey is a great way to secure passwords.

https://www.yubico.com/password-manager

Quote:
Originally Posted by Zen00 View Post

I prefer Password Haystacks, as described by Steve Gibson. https://www.grc.com/haystack.htm
Steve Gibson also loves YubiKey. a hardware rom is pretty secure. smile.gif
Edited by FrankCastle - 8/21/12 at 3:18pm
Reply
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Technology and Science News
Overclock.net › Forums › Industry News › Technology and Science News › [Ars] Why passwords have never been weaker—and crackers have never been stronger