It gets worse.
Initial reports of the Ashley Madison hack suggested they did one thing right. If I'm reading this report from Ars Technica correctly, they managed to screw even that up by having a second password table with MD5-hashed passwords.
Why is that bad? cryptographic hash functions create unique "signatures" from electronic data. They come in two different varieties. "Fast" algorithms are used to verify the authenticity of gigabytes of data. They're used to check the integrity of almost everything sent over the internet. They're designed to be run millions of times a second with minimal memory.
Standard practice for storing passwords is to store a hash "signature" instead of the raw (plaintext) password. You log into a site, it runs the hash function, and compares the signature with the signature stored in its database.
While fast hash algorithms like MD5 are great for checking things like Windows 10 or streaming video. They're bad for storing passwords. The state of the art in breaking passwords involves making millions of guesses. With MD5 and a graphics card, a password cracker can try over a billion guesses a second.
"Slow" hash functions such as bcrypt or PBKDF2 are designed to take an arbitrary length of time. Instead of a billion guesses per second, a cracker is limited to a few hundred.
While Ashley Madison used bcrypt for their primary password table, they had a second password table with millions of passwords in MD5. As of yesterday, 11.7 million passwords have been hacked.
Not that a matters that much. Users chose really bad passwords. The top 10:
- 123456
- 12345
- password
- DEFAULT
- 123456789
- querty
- 12345678
- abc123
- pussy
- 1234567
The rest of the top 100 seems to combine numbers, sex, and wishful thinking. Sometimes in one password.
