It wasn't salted, but even then a targeted effort could almost certainly crack a password as bad as dadada almost immediately for a fast hash like sha1.
That's what I find hard to believe though. LinkedIn, a $20B giant, doesn't salt its passwords and uses something as weak as sha1? I would expect even a 1-person startup to do better than that.
That doesn't need to be true for this to have happened. Zuck is a high profile target, probably the hackers just prioritised cracking his account and such a weak password would be found reasonably quickly even using bcrypt
> What if the salt was derived from a key the user had to supply and wasn't stored anywhere?
If I understood you that is the same as demanding the user to input two strings for password authentication, one for salt and one for password, in which case you might just as well require the user to use a longer password.
Good point. Why do we have passwords anyway? Just to authenticate at unanticipated access points? We could always just do two-factor authentication for that. A code would be sent to Google Authenticator on your phone or something like that, encrypted with your public key, and you'd just decrypt it with your private key. The phone would be secured with your password or fingerprint, which is never sent anywhere. The code would allow you to auth with the new access point. If the cellphone was connected to the internet, it could send the key directly and the site would log you in. If not connected to the net, it could use bluetooth or optical or sound to communicate with the access point (eg web browser running on a computer) to send the code. Only in the worst case would you have to type anything in yourself.
Since most people walk around with their cellphones, you could even precompute a couple keys to unlock a site, for those times when there is no internet connection. Of course, your phone should be secured with a password and you should be able to revoke the keys if anything gets lost.
We use passwords both to authenticate (assert identity) and to authorize (declare intent). The problem with automated logins is that you cannot infer intent (i.e. you have no assurance that the user actually meant to log in to your service).
Because usernames and passwords can be implemented without reliance on 3rd party infrastructure and they are culturally accepted and understood - however poorly - by everyone. We're still using 80 character lines in programming because of IBM punch card design from 1928. Similarly, I doubt the password will completely go away within our grandchildren's lifetimes. That said, our mobile devices are likely to play an increasing role in authentication for everyday activities.
You can hash something like password+email+salt. If they don't know the email or salt it makes it hard to crack and even if they do it slows things down as they have to crack each password individually rather than making a rainbow table. Also using a slower hash like bcrypt rather than sha1 helps slow things down.
Salting has zero effect on the targeted cracking of a single password. Salting protects against rainbow tables - sets of pre-calculated hashes plain-text to passwords. These are dangerous because an attacker has a large amount of time to pre-calculate hashes, but (hopefully) only a small amount of time to calculate after a dump before the password is changed. However, if you are starting from scratch and have a single password to crack, there's no difference between a salted and unsalted password.
Modern state of the art for targeted attacks is to use slow hash algorithms, such as bcrypt. They have little effect on normal operations, as most users will get the right password within a few tries, so you're adding a negligible amount of time per user. But the extra time has a huge effect when an attacker is trying to calculate millions of hashes for a single user.
In 2003, when linkedin was founded SHA1 probably made sense. GPU password cracking was mostly non-existent at this point and most machines had a single core processor.
Salting protects against rainbow tables, which is just a pre-calculated mapping of hashes to plain-text. Salting does not effect the difficulty of cracking any one single password.
It's not exactly happening in a vacuum. Emails and usernames from previous dumps help people figure out passwords for new accounts when many people are reusing the same silly password everywhere.
For example someone else may have had dadada as a password and isuckat@passwords.com as their email, and their password was discovered via a separate breach on some other site. That other site used shit technology for securing people's passwords. isuckat@passwords.com was in the linkedin dump.
People can probably guess that any hash for isuckat@passwords.com will probably be 'dadada'. Now based on this information figuring out the hash for other users also using 'dadada' as their password is simpler. Multiply by many thousands of people reusing the same stupid password on all their sites.
In other words use a unique password and use a different unique password for each site and service you use. Use a password manager.
I sure did! It was a great study and quite fascinating from a marketing perspective.
I do remember in middle school (a religious one) a classmate got in trouble (detention?) for loudly wondering if the Biology teacher and softball coach in her 30s with short hair and drove an Isuzu Rodeo might be a lesbian.
Why did the article state that this is a problem even if one is using 2FA? Even if you reuse passwords, 2FA would stop most attacks it seems or slow them down incredibly, where you would be alerted to the multiple attempts to guess the 2FA code before it was actually cracked.
I wish facebook execs would come back to Twitter and other competing social media. Facebook seemed to have issued an executive ban a few years ago and they all went silent.
Can someone explain to me why we are still using passwords? It's not like we don't have better technology. Why can't I just authenticate everywhere with a signed token? What's standing in the way of this?
Passwords are NOT simple and convenient, they are cumbersome and hard-to-remember, cause huge security problems, and are basically only standing on top of the crutch of email forgot-your-password systems.
Yes, good passwords are hard to remember, and bad or reused passwords are a security risk, but conceptually passwords are way simpler and more convenient than the alternatives, for the average user.
All I need to login from any device in the world is my password. As soon as you introduce tokens or private keys or whatever you need something to securely store that, most likely protected by... a password.
I can imagine some crazy implant + biometric authentication scheme but we're a long ways off from that sort of thing being universally accepted.
I keep an ssh key on a USB drive on my keychain. The physical analogy to a key is easy to grasp and totally appropriate. You don't expect to get into your house without your keys; similarly, if we turn the key into a physical object on your person, we can build off an existing habit. I don't think this should be terribly difficult.
How about giving it a shot, at least? Can I even authenticate with Facebook or Gmail using a secure token? - as far as I know I can't. At least make it possible for the savvy user, and let the average user catch up as usability improves.
Well, for one, the fact that your private key can be copied without you knowing it. At least for now, the only guaranteed read-only-for-owner storage is our brain.
You can easily build a secure token machine that prevents this possibility. And compare this to the huge hole of having millions of people with the password 'password', the possibility of someone occasionally having their secret key stolen seems significantly less damaging.
True, but a token machine only serves to identify the token machine, which presumably is only held by the person it identifies. I think my point is that at a fundamental level, identity is internal, tied to a person's mind/soul/etc. Anything external is fundamentally a supplemental identifier.
People lose things, steal things, etc. but you cannot (as of yet) steal someone's thoughts.
> Can someone explain to me why we are still using passwords?
Because, generally username/password remains the least-bad primary method we have for most uses, and most other methods work best as secondary methods with that rather than replacements.
> It's not like we don't have better technology.
Yes, it is.
> Why can't I just authenticate everywhere with a signed token?
Because, unless they are accompanied by (or secured on the user end by) passwords, signing keys that enable that are more prone to theft, whether by copying (if they aren't kept in a hardware device designed to prevent that) or by theft of the device they are in.
Which is why that mechanism is usually used as a second-factor with passwords for systems needing additional security, rather than a replacement for passwords.
57 comments
[ 3.3 ms ] story [ 121 ms ] threadWhat if the salt was derived from a key the user had to supply and wasn't stored anywhere?
If I understood you that is the same as demanding the user to input two strings for password authentication, one for salt and one for password, in which case you might just as well require the user to use a longer password.
Since most people walk around with their cellphones, you could even precompute a couple keys to unlock a site, for those times when there is no internet connection. Of course, your phone should be secured with a password and you should be able to revoke the keys if anything gets lost.
Modern state of the art for targeted attacks is to use slow hash algorithms, such as bcrypt. They have little effect on normal operations, as most users will get the right password within a few tries, so you're adding a negligible amount of time per user. But the extra time has a huge effect when an attacker is trying to calculate millions of hashes for a single user.
For example someone else may have had dadada as a password and isuckat@passwords.com as their email, and their password was discovered via a separate breach on some other site. That other site used shit technology for securing people's passwords. isuckat@passwords.com was in the linkedin dump.
People can probably guess that any hash for isuckat@passwords.com will probably be 'dadada'. Now based on this information figuring out the hash for other users also using 'dadada' as their password is simpler. Multiply by many thousands of people reusing the same stupid password on all their sites.
In other words use a unique password and use a different unique password for each site and service you use. Use a password manager.
I have a feeling that today things are better than that, but who knows, maybe not.
The passwords were hashed with SHA1, not encrypted.
[1] https://www.youtube.com/watch?v=jdccNAOvPHg
I do remember in middle school (a religious one) a classmate got in trouble (detention?) for loudly wondering if the Biology teacher and softball coach in her 30s with short hair and drove an Isuzu Rodeo might be a lesbian.
Sounds about right.
Disclaimer: this is personal observation.
EDIT: I'm not saying passwords are ideal, just giving context as to why they haven't been replaced.
All I need to login from any device in the world is my password. As soon as you introduce tokens or private keys or whatever you need something to securely store that, most likely protected by... a password.
I can imagine some crazy implant + biometric authentication scheme but we're a long ways off from that sort of thing being universally accepted.
People lose things, steal things, etc. but you cannot (as of yet) steal someone's thoughts.
Because, generally username/password remains the least-bad primary method we have for most uses, and most other methods work best as secondary methods with that rather than replacements.
> It's not like we don't have better technology.
Yes, it is.
> Why can't I just authenticate everywhere with a signed token?
Because, unless they are accompanied by (or secured on the user end by) passwords, signing keys that enable that are more prone to theft, whether by copying (if they aren't kept in a hardware device designed to prevent that) or by theft of the device they are in.
Which is why that mechanism is usually used as a second-factor with passwords for systems needing additional security, rather than a replacement for passwords.