Computer Historians Crack Passwords of Unix's Early Pioneers (boingboing.net) 60
JustAnotherOldGuy shares a report from Boing Boing: Early versions of the free/open Unix variant BSD came with password files that included hashed passwords for such Unix luminaries as Dennis Ritchie, Stephen R. Bourne, Eric Schmidt, Brian W. Kernighan and Stuart Feldman. Leah Neukirchen recovered an BSD version 3 source tree and revealed that she was able to crack many of the weak passwords used by the equally weak hashing algorithm from those bygone days.
Dennis MacAlistair Ritchie's was "dmac," Bourne's was "bourne," Schmidt's was "wendy!!!" (his wife's name), Feldman's was "axlotl," and Kernighan's was "/.,/.,." Four more passwords were cracked by Arthur Krewat: Ozalp Babaolu's was "12ucdort," Howard Katseff's was "graduat;," Tom London's was "..pnn521," Bob Fabry's was "561cml.." and Ken Thompson's was "p/q2-q4!" (chess notation for a common opening move). BSD 3 used Descrypt for password hashing, which limited passwords to eight characters, salted with 12 bits of entropy.
Dennis MacAlistair Ritchie's was "dmac," Bourne's was "bourne," Schmidt's was "wendy!!!" (his wife's name), Feldman's was "axlotl," and Kernighan's was "/.,/.,." Four more passwords were cracked by Arthur Krewat: Ozalp Babaolu's was "12ucdort," Howard Katseff's was "graduat;," Tom London's was "..pnn521," Bob Fabry's was "561cml.." and Ken Thompson's was "p/q2-q4!" (chess notation for a common opening move). BSD 3 used Descrypt for password hashing, which limited passwords to eight characters, salted with 12 bits of entropy.
Re: (Score:3)
The solutions need to be 8 characters or fewer. Otherwise they would not have worked.
Re: (Score:2)
Think outside the box, of all the longer dirty words or phrases that would be recognizable from the first 8 characters, or could be made with 8 characters with omissions perhaps of vowels
Re: (Score:2)
The hash would be computed on the first 8 characters and fail to match.
Re: Those are just some of the possible solutions (Score:3)
I wonder who used the best... (Score:2)
Re: (Score:2)
Re: (Score:2)
Only paranoid people need secure passwords (Score:1)
Re:Only paranoid people need secure passwords (Score:4, Interesting)
Kernighan's password was rather good. It's a sad state of affairs that it would be blocked by so many websites today.
Re: (Score:2)
They'd be right to do so, as 7 characters is too short, even if they were completely random digits. 7-digit passwords can be brute-forced in pretty short order these days. It varies depending on the hash algorithm, of course, but even in the best case with CPU-hard algorithms, it's really not enough entropy.
The best we can say is "it was a good password for the time."
Re: (Score:3)
Except websites don't need that kind of entropy because they can limit the number of tries.
And in fact no password that's human-brain-compatible is good enough these days. You either use a password wallet generating 32 characters random passwords or you count on websites implementing proper security. If you rely on Google, the entropy you need is not much ; much less than those 7-characters passwords.
Re:Only paranoid people need secure passwords (Score:5, Informative)
It's rare that websites are brute force hacked. Usually people gain access via malware or some other security hole, escalate their privileges and then grab a copy of the password hashes. Then they can run the password file through a list of other known passwords to catch the low hanging fruit, then use various other brute force attacks to try to get the rest. If you've got a difficult enough password, they'll give up on it and focus on the easier ones to crack. But if their password hashes also comes with account names (often email addresses), then they can try accessing lots of other websites with that email/password combo, which is why it's dangerous to reuse your passwords.
Re: (Score:2)
Except websites don't need that kind of entropy because they can limit the number of tries.
Yeah, right up until their database is compromised. And of course, that *cough* never happens, right? Don't make me insult-swordfight you, Threepwood!
Re: (Score:2)
Re: (Score:3)
"Brute forced" is not an attack surface any competent website should be concerned with. It's one of those threats from the 1980s that people just can't seem to let go of.
No human-memorizable password is strong these days if someone gets access to password hashes, so don't store those unencrypted. A 4-digit PIN is strong enough for naive attacks if you limit tries. Bad passwords are those with less entropy than a 4-digit PIN, which are still amazingly common.
Storing passwords unencrypted, or even storing h
Re: (Score:2)
No human-memorizable password is strong these days if someone gets access to password hashes, so don't store those unencrypted
A ten character password is long enough to prevent it from being unencrypted, even if someone gets access to the hash. Look it up.
Re:Only paranoid people need secure passwords (Score:4, Funny)
Re: (Score:1)
That comment is going to be very funny ten years from now.
Re: Only paranoid people need secure passwords (Score:2)
Re: (Score:2)
A ten character random password? Maybe. This year. If you have it machine-generated. And if the attacker is not well-funded. But most people can't remember more than one of those, or remember it if they have to change it frequently.
And if you come up with you own "random" 10-character password, not machine generated, it likely has far less than 60 bits of entropy and so is not secure. A ten-character password that's just two words combined with a number on the end won't take a millisecond to find.
The
Re: Only paranoid people need secure passwords (Score:2)
Re: Only paranoid people need secure passwords (Score:2)
Brute forcing has traditionally been a very successful attack in recent times as things like md5 and the like are all so compromised it might as well be plain text. GPUs in particular are excellently suites for mass parallel brute forcing , particularly coupled with precompited hash tables
Re: (Score:2)
So I said
Storing passwords unencrypted, or even storing hashes unencrypted, is why you see these stories of millions of passwords leaking. Just don't store anything important unencrypted, and it limits the threat to very sophisticated attackers.
and then you said
Brute forcing has traditionally been a very successful attack in recent times as things like md5 and the like are all so compromised it might as well be plain text. GPUs in particular are excellently suites for mass parallel brute forcing , particularly coupled with precompited hash tables
which seemed an odd thing to say.
Re: (Score:1)
A 4-digit pin is not enough for access to a website.
If you pick a random 4-digit pin and try it with 10000 user names (using a botnet with thousands of IP addresses), you are very likely to get access to at least one account.
Not to mention the fact that "limiting tries" is useless if someone hacks the server and gets access to the password file. Salted hashes are your only hope of at least keeping users with strong passwords safe.
Re: (Score:2)
So I said
storing passwords unencrypted, or even storing hashes unencrypted, is why you see these stories of millions of passwords leaking. Just don't store anything important unencrypted, and it limits the threat to very sophisticated attackers.
and then you said
Not to mention the fact that "limiting tries" is useless if someone hacks the server and gets access to the password file.
which seemed an odd thing to say.
If you pick a random 4-digit pin and try it with 10000 user names (using a botnet with thousands of IP addresses), you are very likely to get access to at least one account.
Sure, but that's a threat very few websites have to care about.
Re: (Score:2)
Re: (Score:1)
Yeah, I once tried to use a password for iCloud containing 20 characters, with letters, numbers and punctuation marks. It was rejected because it didn't contain a capital letter. So I made it weaker by capitalizing the first letter.
It's really sad: hackers typically run algorithms with the most common passwords on lists of hashes. If capitals are not required, they need to try both "password" and "Password". With the requirement of capitals and lower case letters, most users just capitalize the first letter
Re: (Score:2)
4-digit pin cannot start with 0
You just know that's because they've had bugs caused by "0103" becoming 103 or interpreted as octal or other such php related snafus.
Re: (Score:1)
Yeah, if you have nothing to hide, why do you even need a password?
password (Score:2)
At least no one used password as their password.
Re:password (Score:5, Funny)
Re:password (Score:5, Funny)
To be fair, he wasn't using his name - he was using the name of his preferred shell.
Re: (Score:2)
Re: (Score:1)
done back in the 1980's, probably (Score:5, Informative)
It was well-understood by the mid 1980's that the 12-bit salting scheme was breakable with existing hardware. That is why everyone quietly moved to larger salts during that time period.
With reasonable coding assumptions it was possible to crack most any password in 3-5 days on an early 68k box (e.g. Masscomp or Codata). No, I don't have the code any longer.
My understanding is that Morris modified DES for use in passwd(5) so that you couldn't use hardware DES to brute-force decrypt passwords. Unfortunately I suspect he introduced a vulnerability because apparently the hash leaked information about the key, and since the high-order bits of a DES key are parity bits you could use that as a prybar to narrow your search space.
Commas? (Score:1)
Re: (Score:3)
Why do most of them have commas in their passwords? Seems a strange thing to do.
The ancient Teletype Model 33 teletypewriters used back in those days did not have a comma key on them.
Now that is a secure password; using a character that you can't type in directly!
Re:Commas? (Score:5, Informative)
1) TTY model 33s had no lower case characters, but they did have commas. 2) The UNIX creators did not use TTY model 33s. You know how UNIX filenames and C source code is full of lower case characters? Think about that.
The UNIX OS tty (terminal) subsystem did support upper-case only terminals - look at stty(1) and search for uclc and xcase. But yecch.
Re: (Score:2)
The comma and period are two of the easiest symbols to type. The semicolon is mechanically easiest, but it's so seldom used reaching down to the comma period is functionally easier.
Re: (Score:2)
Pretty sure that's pedantic (or improper) editing; when quoting speech, you would put the comma inside the quotation marks. The original source makes it more clear - only Kernighan's had a literal comma.
Slashdot? (Score:5, Funny)
" Kernighan's was "/.,/.,." "
So that is where CmdrTaco got the idea
Re:Slashdot? (Score:5, Informative)
No.
CmdrTaco (Rob Malda) wanted the site's name to be obnoxious when read out alound:
Etch Tee Tee Pee colon slash slash slash dot dot org.
It is even in the FAQ:
https://slashdot.org/faq/slash... [slashdot.org]
Re: Slashdot? (Score:3, Funny)
Re: (Score:3)
Slashdot was Kernighan's idea. He was just to busy to commercialize it.
After developing a file-system with a tree directory structure, he thought:
Atleast it wasnt (Score:3)
At least it wasnt 1-2-3-4-5
Because that would be the same combination as my luggage.
This just in.... (Score:2)
Ancient encryption are crack able with hardware that's decades in the future! *gasp* I'm shocked! You mean my encryption isn't good until the of end of time? Someone call the NSA and tell them about this new discovery! I did this very same experiment in college using john the ripper!, and that was without GPU's so I don't really understand how this is news worthy?
Knowing the history of these guys, these are probly one off passwords, Ken Thompson uses a comma in his password, teletypes didn't have commas s
Re:This just in.... (Score:5, Informative)
I think the purpose of the article was to give a grasp of what kind of password pioneers were using, and not look we decrypted 50 year-old password.
Re: (Score:2)
Heck, the original ftp protocol transmitted passwords across the network as plaintext. You increase the level of security to counter the current level of risk. Not to tr
Re: (Score:2)
Which begs the question, what sort of password could you employ today that would be safe in 50 years? 3 factor identification that includes a biometric readout of the mole on your left foot, an end to end encrypted password to a burner phone, and a photo of your dog pissing on a copy of today's newspaper?
(Shite, unless there are no newspapers in 50 yrs.)
Re: (Score:2)
Whatever you do, don't let actual human generate entropy. We're amazingly predictable, and thus suck at it. Best of us can barely manage in the realm of 50 bits, which is on the border of being crackable with commodity hardware.
Different world back then (Score:5, Informative)
Security really wasn't at a high premium back then. The need was also less. You might have a prankster get into your account for a practical joke, but those pranksters probably had root access anyway. The computer wasn't being used for financial transactions or anything like it; the most expensive thing you could do was swipe a copy of AT&T Unix.
Back in the '70s on the Univac 1100/80, my password as zxcv. That was at work -- professional environment, no internet, no dialup, so the only threats would be internal.
And when my boss decided to play a practical joke on my account, he just used the Univac equivalent of root access. As did I, with my retaliation.
Impolite? (Score:5, Interesting)
Re: (Score:2)
Old news (Score:1)
Schmidt's was "wendy!!!"
*Everyone* knows it's wendy...
After 50 years ... (Score:2)
So after 50 years they managed to crack a password. News at 11. Seems to me that the original algorithm was pretty damn secure!
Re: (Score:1)
Not really. Some of us cracked those passwords more than 20 years ago when John came out.
This is just a johnny come lately.
Heh (Score:3)
I don't know why I love this story, but I love this story.
Good enough in the day (Score:2)