[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] unsalted hashes of 6 million linkedin passwords published on the internet

Subject: [ale] unsalted hashes of 6 million linkedin passwords published on the internet
From: stephen at averagesecurityguy.info (Stephen Haywood)
Date: Thu, 7 Jun 2012 15:47:08 -0400
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]>

> Unsalted and unseeded.  If the hashing had been seeded, the brute
> forcing would be impossible without the private seed.

I understand what you mean by unsalted but explain unseeded in terms
of a SHA1 hash. My understanding is the file contained about 6.5
million unique password hashes, of which about 3.5 million were
cracked before the list was made public. Last I heard about 1.5
million had be cracked and analyzed by Stefan Venken (@StefanVenken).
I believe the folks at KoreLogic have cracked over 3 million of them.
-- 
Stephen Haywood
Information Security Consultant
CISSP, GPEN, OSCP
T: @averagesecguy
W: averagesecurityguy.info

Follow-Ups:
- [ale] unsalted hashes of 6 million linkedin passwords published on the internet
  - From: atllinuxenthinfo at techstarship.com (Ron Frazier (ALE))
- [ale] unsalted hashes of 6 million linkedin passwords published on the internet
  - From: mhw at WittsEnd.com (Michael H. Warfield)

References:
- [ale] unsalted hashes of 6 million linkedin passwords published on the internet
  - From: atllinuxenthinfo at techstarship.com (Ron Frazier (ALE))
- [ale] unsalted hashes of 6 million linkedin passwords published on the internet
  - From: mhw at WittsEnd.com (Michael H. Warfield)

Prev by Date: [ale] OT: Is this for real? Fwd: Notice of Claim of Copyright Infringement.
Next by Date: [ale] [OT] AT&T/UVerse going to carrier grade NAT?
Previous by thread: [ale] unsalted hashes of 6 million linkedin passwords published on the internet
Next by thread: [ale] unsalted hashes of 6 million linkedin passwords published on the internet
Index(es):
- Date
- Thread