How are passwords stolen from companies if they only store hashes?Why do some large companies still store passwords in plain text/decrypt-able format?I've heard that salt is not meant to be secret, but what if I made it secret?Email hacking mythHow to store passwords securely in my server?How secure are “pattern” passwords?Are bad passwords used to breach security in real life?What are the security implications of storing multiple hashes for similar passwords?How safe is it to store your passwords in web browsers?What are the security risks of logging the hash of rejected passwords?Trouble understanding how passwords are authenticated
Magento2 Admin dashboard chart is broken in my all Projects
Should a narrator ever describe things based on a characters view instead of fact?
Is there any common country to visit for persons holding UK resp. Schengen visas?
Friend wants my recommendation but I don't want to give it to him
Magento 1 : each() function is deprecated
What is it called when someone votes for an option that's not their first choice?
How to understand 「僕は誰より彼女が好きなんだ。」
Referencing javascript library in content editor webpart
Air travel with refrigerated insulin
Turning a hard to access nut?
How are passwords stolen from companies if they only store hashes?
Exit shell with shortcut (not typing exit) that closes session properly
Pre-Employment Background Check With Consent For Future Checks
What is this high flying aircraft over Pennsylvania?
How do researchers send unsolicited emails asking for feedback on their works?
How can an organ that provides biological immortality be unable to regenerate?
Recursively updating the MLE as new observations stream in
Error in master's thesis, I do not know what to do
Would this string work as string?
Why is participating in the European Parliamentary elections used as a threat?
Why is "la Gestapo" feminine?
Was Ahsoka Tano one of the younglings helping Kenobi find Kamino?
Can "few" be used as a subject? If so, what is the rule?
Can other pieces capture a threatening piece and prevent a checkmate?
How are passwords stolen from companies if they only store hashes?
Why do some large companies still store passwords in plain text/decrypt-able format?I've heard that salt is not meant to be secret, but what if I made it secret?Email hacking mythHow to store passwords securely in my server?How secure are “pattern” passwords?Are bad passwords used to breach security in real life?What are the security implications of storing multiple hashes for similar passwords?How safe is it to store your passwords in web browsers?What are the security risks of logging the hash of rejected passwords?Trouble understanding how passwords are authenticated
Everywhere I look it says servers store passwords in hashed form, but then you have those breaking news about hackers stealing passwords from large companies. What am I missing?
passwords
asked 2 days ago
W2aW2a
331124
New contributor
W2a is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
|
show 1 more comment
Everywhere I look it says servers store passwords in hashed form, but then you have those breaking news about hackers stealing passwords from large companies. What am I missing?
passwords
asked 2 days ago
W2aW2a
331124
New contributor
W2a is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
5
Passwords could be stolen also by eavesdropping them on the points they pass unencrypted. And at least on a point they are unencrypted, namely on the keyboard of the user.
– peterh
2 days ago
112
"Everywhere I look it says servers store passwords in hashed form" No, it says servers should store passwords in hashed form!!
– Lightness Races in Orbit
2 days ago
7
If you password is "123abc", no amount of hashing, salting or peppering will keep your account secure once the database is stolen.
– Dmitry Grigoryev
yesterday
You also need to educate people about security. If your password has enough entropy, you use hashes and salt but your employees write down passwords on post-it and leave them around, or just give them to that colleague who "really needs that file on the server" you will have problems. Look up "Social Engineering"
– Axel2D
20 hours ago
2
I worked a food counter for long enough that for a half-dozen combos, if you told me a customer's total, I could tell you what they ordered, without a receipt or knowledge of their particular order.
– dandavis
17 hours ago
|
show 1 more comment
Everywhere I look it says servers store passwords in hashed form, but then you have those breaking news about hackers stealing passwords from large companies. What am I missing?
passwords
asked 2 days ago
W2aW2a
331124
New contributor
W2a is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Everywhere I look it says servers store passwords in hashed form, but then you have those breaking news about hackers stealing passwords from large companies. What am I missing?
passwords
passwords
asked 2 days ago
W2aW2a
331124
New contributor
W2a is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 2 days ago
W2aW2a
331124
New contributor
W2a is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 2 days ago
W2aW2a
331124
New contributor
W2a is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 2 days ago
W2aW2a
331124
asked 2 days ago
W2aW2a
331124
331124
New contributor
W2a is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
W2a is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
W2a is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
5
Passwords could be stolen also by eavesdropping them on the points they pass unencrypted. And at least on a point they are unencrypted, namely on the keyboard of the user.
– peterh
2 days ago
112
"Everywhere I look it says servers store passwords in hashed form" No, it says servers should store passwords in hashed form!!
– Lightness Races in Orbit
2 days ago
7
If you password is "123abc", no amount of hashing, salting or peppering will keep your account secure once the database is stolen.
– Dmitry Grigoryev
yesterday
You also need to educate people about security. If your password has enough entropy, you use hashes and salt but your employees write down passwords on post-it and leave them around, or just give them to that colleague who "really needs that file on the server" you will have problems. Look up "Social Engineering"
– Axel2D
20 hours ago
2
I worked a food counter for long enough that for a half-dozen combos, if you told me a customer's total, I could tell you what they ordered, without a receipt or knowledge of their particular order.
– dandavis
17 hours ago
|
show 1 more comment
5
Passwords could be stolen also by eavesdropping them on the points they pass unencrypted. And at least on a point they are unencrypted, namely on the keyboard of the user.
– peterh
2 days ago
112
"Everywhere I look it says servers store passwords in hashed form" No, it says servers should store passwords in hashed form!!
– Lightness Races in Orbit
2 days ago
7
If you password is "123abc", no amount of hashing, salting or peppering will keep your account secure once the database is stolen.
– Dmitry Grigoryev
yesterday
You also need to educate people about security. If your password has enough entropy, you use hashes and salt but your employees write down passwords on post-it and leave them around, or just give them to that colleague who "really needs that file on the server" you will have problems. Look up "Social Engineering"
– Axel2D
20 hours ago
2
I worked a food counter for long enough that for a half-dozen combos, if you told me a customer's total, I could tell you what they ordered, without a receipt or knowledge of their particular order.
– dandavis
17 hours ago
5
5
Passwords could be stolen also by eavesdropping them on the points they pass unencrypted. And at least on a point they are unencrypted, namely on the keyboard of the user.
– peterh
2 days ago
Passwords could be stolen also by eavesdropping them on the points they pass unencrypted. And at least on a point they are unencrypted, namely on the keyboard of the user.
– peterh
2 days ago
112
112
"Everywhere I look it says servers store passwords in hashed form" No, it says servers should store passwords in hashed form!!
– Lightness Races in Orbit
2 days ago
"Everywhere I look it says servers store passwords in hashed form" No, it says servers should store passwords in hashed form!!
– Lightness Races in Orbit
2 days ago
7
7
If you password is "123abc", no amount of hashing, salting or peppering will keep your account secure once the database is stolen.
– Dmitry Grigoryev
yesterday
If you password is "123abc", no amount of hashing, salting or peppering will keep your account secure once the database is stolen.
– Dmitry Grigoryev
yesterday
You also need to educate people about security. If your password has enough entropy, you use hashes and salt but your employees write down passwords on post-it and leave them around, or just give them to that colleague who "really needs that file on the server" you will have problems. Look up "Social Engineering"
– Axel2D
20 hours ago
You also need to educate people about security. If your password has enough entropy, you use hashes and salt but your employees write down passwords on post-it and leave them around, or just give them to that colleague who "really needs that file on the server" you will have problems. Look up "Social Engineering"
– Axel2D
20 hours ago
2
2
I worked a food counter for long enough that for a half-dozen combos, if you told me a customer's total, I could tell you what they ordered, without a receipt or knowledge of their particular order.
– dandavis
17 hours ago
I worked a food counter for long enough that for a half-dozen combos, if you told me a customer's total, I could tell you what they ordered, without a receipt or knowledge of their particular order.
– dandavis
17 hours ago
|
show 1 more comment
7 Answers
7
active
oldest
votes
There are two common failings, over and above letting the databases or files get stolen in the first place.
Unfortunately, and against all security recommendations, many systems still store plain text passwords.
Hashed passwords are technically not reversible, but as has been pointed out by others, it's possible to hash millions of password guesses then simply look for matches. In fact, what usually happens is that tables of pre-computed passwords and hashes (Rainbow Tables) are available and used to look for matches. A good rainbow table can support a high percentage match in fractions of a second per password hash.
Using a salt (an extra non-secret extension of the password) in the hash prevents the use of pre-computed rainbow tables.
Most compromisers depend upon rainbow tables. Computing their own hash set is certainly possible, but it's extremely time consuming (as in months or longer), so it's generally the vanilla hash that's vulnerable.
Using a salt stops rainbow tables, and a high round count of hashed hashes of hashes can make brute force transition from months to years or longer. Most institutions simply don't implement this level of security.
edited 21 hours ago
scohe001
1226
answered 2 days ago
user10216038user10216038
1,22239
24
I disagree with your statement "most compromisers depend upon rainbow tables". While they are useful in some situations, evidence suggests password cracking is still more popular since it is remains useful regardless of salting, different hash types, and iterative hashing.
– PwdRsch
yesterday
2
Salts don't prevent the use of precomputed rainbow tables or stop rainbow tables. They merely make it orders of magnitude harder. Remember, it's possible (but so unlikely we can safely pretend it will never happen) that a random number generator could guess your password on the first try.
– CJ Dennis
yesterday
1
"Hashed passwords are technically not reversible"... true but misleading, since you don't need to reverse it, you just need a preimage that hashes to the same thing.
– Mehrdad
yesterday
6
"...many systems still store plain text passwords." Yup. About 2 years ago, we received a copy of a database that we were building a replacement for. (We were going to migrate data over.) Whoever dumped it and sent it to us didn't bother to scrub all the plain text passwords from it, meaning I could have gone in an impersonated anyone I wanted on a live government system.
– jpmc26
17 hours ago
1
The website plaintextoffenders.com maintains a list of companies found to be storing your passwords in plaintext or some other recoverable format. The list currently has over 5,000 entries.
– anaximander
2 hours ago
|
show 4 more comments
When you hear that passwords got stolen, sometimes companies will report it even if it's just hashed passwords that were stolen. This is so you can take action in the case that they are broken. Unfortunately, there are still companies that store their passwords incorrectly; for example, if you search for the rockyou password breach, you'll find that they were storing their passwords in clear text, which means that they were compromised as soon as they were stolen. In other cases, such as the Adobe password breach, there was mishandling of storing the encrypted passwords in their database. Other times, companies use hashing on their passwords but use insecure hashing algorithms or they don't salt their passwords properly. In short, if a company follows recommended password storage methods, the passwords in theory should be safe in their hashed form, but a good company will still inform their customers of the breach. However, there are plenty of examples where companies do not store passwords correctly leading them to be cracked quite quickly.
edited yesterday
jwodder
15316
answered 2 days ago
Dam30nDam30n
38123
1
And even if you do everything right, stealing all the hashed passwords (along with usernames or e-mails, presumably) makes it much easier to do other attacks on the passwords - especially with old mechanisms like MD5, salting or not. And given that most people use the same password on multiple sites, and the passwords are still quite weak often enough... Granted, if you use a good slow hash with proper salting, the impact is very low.
– Luaan
yesterday
add a comment |
You hash a large number of passwords, then check if the output matches any of the stored hashes. Brute force cracking is feasible because people do not usually choose highly unpredictable passwords.
When a password database is stolen, the stolen material includes all the information necessary to do offline cracking. (It's simply a guess and check process. Other methods may be available with less secure hashing or password storage methods.)
Hashing passwords with a preimage resistant functions with a sufficiently unpredictable input is enough to make it impossible recover a password. (An inhumanly strong password.)
However, most people don't do this in the real world, a stolen database of hashes is potentially as worrying as a list of unhashed passwords for a large subset of users on a typical website.
If the password cracker finds candidate password whose hash matches the one stored in the database, then he will have recovered the original (weak) password.
Alternatively, if a hash function is not preimage resistant (including when the output of the hash is too short) a guess-and-check procedure may produce false positives. (Alternative passwords not identical to the original.)
The accounts of users from the company with the data breach are still vulnerable because these passwords will unlock a user's account, even if they aren't identical to the original password. (The server has no way to tell if it's the original password. The hash still matches the one in the stolen database in this case.)
Don't intentionally use an insecure hash function, of course... It's still possible to infer the original password or narrow down the number of possibilities. Which would still make users that reuse passwords on other websites extra vulnerable.
answered 2 days ago
Future SecurityFuture Security
931212
1
"You hash a large number of passwords, then check if the output matches any of the stored hashes." Salting defeates this.
– Taemyr
5 hours ago
add a comment |
Many possibilities:
Even though passwords should be hashed before storage, it's not always the case. Sadly, even today, there are still plenty of passwords stored as cleartext. Steal database, get all passwords.
Passwords could be stored somewhere else. Passwords could be included in logs, for instance. Steal logs, get all passwords that were used in those logs.
Passwords could be hashed but not salted. So you build a list of password -> hash combinations based on all sorts of passwords. You reverse this table so it becomes hash -> password (lookup table). Get database, convert hashes to passwords, get lots of passwords.
Passwords are hashed and salted. But lots of users use very weak passwords (123456, password, letmein, qwerty...). Try lists of passwords against those hashes. Get database, make a dictionary attack on hashes, get lots of passwords.
Variation on the previous one, instead of a pre-determined list of passwords, try passwords based on other information you have about the user (username, first name, last name, date of birth, e-mail...).
Yet another variation, as many users re-use the same password: try passwords for the same e-mail recovered from other breaches.
Yet another variation, when there is a strong password policy in place which requires changing passwords on a regular basis: if you have a previous password for the user, just try changing the final numbers: if user had password "joe12" at one point, try joe13, joe14, joe15... If you have the date the initial password was valid and know the password change interval, it can be quite quick.
Passwords are hashed and salted, but use weak (fast) hashes. Same as #4-7, but you can do a lot more attempts a lot more quickly, so you can try a larger dictionary, or even try quite systematically all combinations (brute force attack).
Communication between clients and servers are susceptible to man-in-the-middle (MITM) attacks. Passwords are captured on the way.
You perform social engineering. "Hello, this is the IT department, there's an issue with your account, we need to reset something, can you give me your password"? You'd be amazed how often that works if properly framed.
Mass social engineering, aka phishing: send a mass e-mail campaign asking to log into a site which will capture all those passwords.
Hack into the site, and modify it so it sends all passwords received to a remote server (or logs them to a file you'll retrieve later).
Ditto, but modify client-side code to do it. Could be as easy as a stored XSS hack.
A variation on the above: keyloggers.
There's probably quite a few more methods, but that gives you an idea of how easy it can be to recover tons of passwords.
answered 21 hours ago
jcaronjcaron
835413
add a comment |
As we are not discussing how the passwords have been stolen, and more so the aftermath, I'll avoid the many number of factors said companies should implement to help prevent these data breaches.
If you make a website and manage the database, it's down to us to store that information efficiently. If we don't, when there is a data breach attackers can view passwords in what may as well be plain text, as often is the case (depending on the way in which these are stored).
In short, you'd never want this to happen! -- Password cracking is a very common and real thing, just because passwords are hashed does not make them in any way secure.
Let's say a company has 1000 customer passwords, all of which are hashed.
Let's say 600 of those customers had a password, 8 characters long, the likelihood of those passwords being cracked within the first 5 minutes (being generous) is very high.
"5 minutes?! But they were hashed!"....
Yeah, but the passwords of those 600 customers were still poor, along with an equally poor hashing algorithm.
Without going into too much detail in the interest of simplifying the explanation; password cracking works by simply matching the hash to a dictionary file of words, running through each word to see if their hash matches the ones that have been obtained from those 600 customers, for example, your password might be:
Password: Security
MD5 Hashed: 2FAE32629D4EF4FC6341F1751B405E45
I then just run some favorable hacking tools against those hashes to "crack" them.
Should you ever want to store passwords yourself, MD5 should be avoided, above was purely for example purposes. Instead, research the stronger types of hashing algorithms, it makes it much harder for attackers to successfully make use of the passwords they have stolen.
The short answer; hashing, or whatever format you store your passwords has no effect on the ability for hackers to steal these. They are stolen because of a variety of different vulnerabilities. There are a multitude of attacks in which help obtain passwords (hashed or not).
edited 2 days ago
schroeder♦
77.5k30171207
answered 2 days ago
Tipping44Tipping44
1322
New contributor
Tipping44 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
10
Just to note that with a weak password like 'Security', you don't even need a cracking tool, you can just Google 2FAE32629D4EF4FC6341F1751B405E45
– richardb
yesterday
2
And even more so, now that this article is indexed!
– Mark K Cowan
18 hours ago
add a comment |
Also take the following attack vector into consideration for web applications:
If the attacker can modify the frontend code, then with a small script the plaintext passwords could be "sniffed" for a while.
If the script can be injected from the backend, then it could be set to only show for visitors from certain countries to better protect against malicious frontend code change detection automations in place running in the same country where the application is being run from.
answered 2 days ago
SevronSevron
1376
add a comment |
While storing passwords in hashed form is desirable, it can also pose some difficulties. If it is necessary for one entity to issue a request to another entity on behalf of a user, and the second entity requires submission of plaintext passwords for validation, the first entity will need to hold the user's password in a form that would be convertible to plaintext.
To allow for this, companies may store passwords in various kinds of hardware security modules which audit all attempts to retrieve passwords from them. This approach mitigates many of the dangers involved with plaintext password storage. It can't mitigate all of the dangers, but if an entity is supposed to have authority to access an outside entity on behalf of a user, and the outside entity won't accept anything other than the user's password as evidence of that authority, some of the dangers associated with plain-text passwords will be inescapable no matter what the first entity tries to do.
answered 15 hours ago
supercatsupercat
1,74279
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "162"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
W2a is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f205519%2fhow-are-passwords-stolen-from-companies-if-they-only-store-hashes%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
7 Answers
7
active
oldest
votes
7 Answers
7
active
oldest
votes
active
oldest
votes
active
oldest
votes
There are two common failings, over and above letting the databases or files get stolen in the first place.
Unfortunately, and against all security recommendations, many systems still store plain text passwords.
Hashed passwords are technically not reversible, but as has been pointed out by others, it's possible to hash millions of password guesses then simply look for matches. In fact, what usually happens is that tables of pre-computed passwords and hashes (Rainbow Tables) are available and used to look for matches. A good rainbow table can support a high percentage match in fractions of a second per password hash.
Using a salt (an extra non-secret extension of the password) in the hash prevents the use of pre-computed rainbow tables.
Most compromisers depend upon rainbow tables. Computing their own hash set is certainly possible, but it's extremely time consuming (as in months or longer), so it's generally the vanilla hash that's vulnerable.
Using a salt stops rainbow tables, and a high round count of hashed hashes of hashes can make brute force transition from months to years or longer. Most institutions simply don't implement this level of security.
edited 21 hours ago
scohe001
1226
answered 2 days ago
user10216038user10216038
1,22239
24
I disagree with your statement "most compromisers depend upon rainbow tables". While they are useful in some situations, evidence suggests password cracking is still more popular since it is remains useful regardless of salting, different hash types, and iterative hashing.
– PwdRsch
yesterday
2
Salts don't prevent the use of precomputed rainbow tables or stop rainbow tables. They merely make it orders of magnitude harder. Remember, it's possible (but so unlikely we can safely pretend it will never happen) that a random number generator could guess your password on the first try.
– CJ Dennis
yesterday
1
"Hashed passwords are technically not reversible"... true but misleading, since you don't need to reverse it, you just need a preimage that hashes to the same thing.
– Mehrdad
yesterday
6
"...many systems still store plain text passwords." Yup. About 2 years ago, we received a copy of a database that we were building a replacement for. (We were going to migrate data over.) Whoever dumped it and sent it to us didn't bother to scrub all the plain text passwords from it, meaning I could have gone in an impersonated anyone I wanted on a live government system.
– jpmc26
17 hours ago
1
The website plaintextoffenders.com maintains a list of companies found to be storing your passwords in plaintext or some other recoverable format. The list currently has over 5,000 entries.
– anaximander
2 hours ago
|
show 4 more comments
There are two common failings, over and above letting the databases or files get stolen in the first place.
Unfortunately, and against all security recommendations, many systems still store plain text passwords.
Hashed passwords are technically not reversible, but as has been pointed out by others, it's possible to hash millions of password guesses then simply look for matches. In fact, what usually happens is that tables of pre-computed passwords and hashes (Rainbow Tables) are available and used to look for matches. A good rainbow table can support a high percentage match in fractions of a second per password hash.
Using a salt (an extra non-secret extension of the password) in the hash prevents the use of pre-computed rainbow tables.
Most compromisers depend upon rainbow tables. Computing their own hash set is certainly possible, but it's extremely time consuming (as in months or longer), so it's generally the vanilla hash that's vulnerable.
Using a salt stops rainbow tables, and a high round count of hashed hashes of hashes can make brute force transition from months to years or longer. Most institutions simply don't implement this level of security.
edited 21 hours ago
scohe001
1226
answered 2 days ago
user10216038user10216038
1,22239
24
I disagree with your statement "most compromisers depend upon rainbow tables". While they are useful in some situations, evidence suggests password cracking is still more popular since it is remains useful regardless of salting, different hash types, and iterative hashing.
– PwdRsch
yesterday
2
Salts don't prevent the use of precomputed rainbow tables or stop rainbow tables. They merely make it orders of magnitude harder. Remember, it's possible (but so unlikely we can safely pretend it will never happen) that a random number generator could guess your password on the first try.
– CJ Dennis
yesterday
1
"Hashed passwords are technically not reversible"... true but misleading, since you don't need to reverse it, you just need a preimage that hashes to the same thing.
– Mehrdad
yesterday
6
"...many systems still store plain text passwords." Yup. About 2 years ago, we received a copy of a database that we were building a replacement for. (We were going to migrate data over.) Whoever dumped it and sent it to us didn't bother to scrub all the plain text passwords from it, meaning I could have gone in an impersonated anyone I wanted on a live government system.
– jpmc26
17 hours ago
1
The website plaintextoffenders.com maintains a list of companies found to be storing your passwords in plaintext or some other recoverable format. The list currently has over 5,000 entries.
– anaximander
2 hours ago
|
show 4 more comments
There are two common failings, over and above letting the databases or files get stolen in the first place.
Unfortunately, and against all security recommendations, many systems still store plain text passwords.
Hashed passwords are technically not reversible, but as has been pointed out by others, it's possible to hash millions of password guesses then simply look for matches. In fact, what usually happens is that tables of pre-computed passwords and hashes (Rainbow Tables) are available and used to look for matches. A good rainbow table can support a high percentage match in fractions of a second per password hash.
Using a salt (an extra non-secret extension of the password) in the hash prevents the use of pre-computed rainbow tables.
Most compromisers depend upon rainbow tables. Computing their own hash set is certainly possible, but it's extremely time consuming (as in months or longer), so it's generally the vanilla hash that's vulnerable.
Using a salt stops rainbow tables, and a high round count of hashed hashes of hashes can make brute force transition from months to years or longer. Most institutions simply don't implement this level of security.
edited 21 hours ago
scohe001
1226
answered 2 days ago
user10216038user10216038
1,22239
There are two common failings, over and above letting the databases or files get stolen in the first place.
Unfortunately, and against all security recommendations, many systems still store plain text passwords.
Hashed passwords are technically not reversible, but as has been pointed out by others, it's possible to hash millions of password guesses then simply look for matches. In fact, what usually happens is that tables of pre-computed passwords and hashes (Rainbow Tables) are available and used to look for matches. A good rainbow table can support a high percentage match in fractions of a second per password hash.
Using a salt (an extra non-secret extension of the password) in the hash prevents the use of pre-computed rainbow tables.
Most compromisers depend upon rainbow tables. Computing their own hash set is certainly possible, but it's extremely time consuming (as in months or longer), so it's generally the vanilla hash that's vulnerable.
Using a salt stops rainbow tables, and a high round count of hashed hashes of hashes can make brute force transition from months to years or longer. Most institutions simply don't implement this level of security.
edited 21 hours ago
scohe001
1226
answered 2 days ago
user10216038user10216038
1,22239
edited 21 hours ago
scohe001
1226
edited 21 hours ago
scohe001
1226
edited 21 hours ago
scohe001
1226
1226
answered 2 days ago
user10216038user10216038
1,22239
answered 2 days ago
user10216038user10216038
1,22239
answered 2 days ago
user10216038user10216038
1,22239
1,22239
24
I disagree with your statement "most compromisers depend upon rainbow tables". While they are useful in some situations, evidence suggests password cracking is still more popular since it is remains useful regardless of salting, different hash types, and iterative hashing.
– PwdRsch
yesterday
2
Salts don't prevent the use of precomputed rainbow tables or stop rainbow tables. They merely make it orders of magnitude harder. Remember, it's possible (but so unlikely we can safely pretend it will never happen) that a random number generator could guess your password on the first try.
– CJ Dennis
yesterday
1
"Hashed passwords are technically not reversible"... true but misleading, since you don't need to reverse it, you just need a preimage that hashes to the same thing.
– Mehrdad
yesterday
6
"...many systems still store plain text passwords." Yup. About 2 years ago, we received a copy of a database that we were building a replacement for. (We were going to migrate data over.) Whoever dumped it and sent it to us didn't bother to scrub all the plain text passwords from it, meaning I could have gone in an impersonated anyone I wanted on a live government system.
– jpmc26
17 hours ago
1
The website plaintextoffenders.com maintains a list of companies found to be storing your passwords in plaintext or some other recoverable format. The list currently has over 5,000 entries.
– anaximander
2 hours ago
|
show 4 more comments
24
I disagree with your statement "most compromisers depend upon rainbow tables". While they are useful in some situations, evidence suggests password cracking is still more popular since it is remains useful regardless of salting, different hash types, and iterative hashing.
– PwdRsch
yesterday
2
Salts don't prevent the use of precomputed rainbow tables or stop rainbow tables. They merely make it orders of magnitude harder. Remember, it's possible (but so unlikely we can safely pretend it will never happen) that a random number generator could guess your password on the first try.
– CJ Dennis
yesterday
1
"Hashed passwords are technically not reversible"... true but misleading, since you don't need to reverse it, you just need a preimage that hashes to the same thing.
– Mehrdad
yesterday
6
"...many systems still store plain text passwords." Yup. About 2 years ago, we received a copy of a database that we were building a replacement for. (We were going to migrate data over.) Whoever dumped it and sent it to us didn't bother to scrub all the plain text passwords from it, meaning I could have gone in an impersonated anyone I wanted on a live government system.
– jpmc26
17 hours ago
1
The website plaintextoffenders.com maintains a list of companies found to be storing your passwords in plaintext or some other recoverable format. The list currently has over 5,000 entries.
– anaximander
2 hours ago
24
24
I disagree with your statement "most compromisers depend upon rainbow tables". While they are useful in some situations, evidence suggests password cracking is still more popular since it is remains useful regardless of salting, different hash types, and iterative hashing.
– PwdRsch
yesterday
I disagree with your statement "most compromisers depend upon rainbow tables". While they are useful in some situations, evidence suggests password cracking is still more popular since it is remains useful regardless of salting, different hash types, and iterative hashing.
– PwdRsch
yesterday
2
2
Salts don't prevent the use of precomputed rainbow tables or stop rainbow tables. They merely make it orders of magnitude harder. Remember, it's possible (but so unlikely we can safely pretend it will never happen) that a random number generator could guess your password on the first try.
– CJ Dennis
yesterday
Salts don't prevent the use of precomputed rainbow tables or stop rainbow tables. They merely make it orders of magnitude harder. Remember, it's possible (but so unlikely we can safely pretend it will never happen) that a random number generator could guess your password on the first try.
– CJ Dennis
yesterday
1
1
"Hashed passwords are technically not reversible"... true but misleading, since you don't need to reverse it, you just need a preimage that hashes to the same thing.
– Mehrdad
yesterday
"Hashed passwords are technically not reversible"... true but misleading, since you don't need to reverse it, you just need a preimage that hashes to the same thing.
– Mehrdad
yesterday
6
6
"...many systems still store plain text passwords." Yup. About 2 years ago, we received a copy of a database that we were building a replacement for. (We were going to migrate data over.) Whoever dumped it and sent it to us didn't bother to scrub all the plain text passwords from it, meaning I could have gone in an impersonated anyone I wanted on a live government system.
– jpmc26
17 hours ago
"...many systems still store plain text passwords." Yup. About 2 years ago, we received a copy of a database that we were building a replacement for. (We were going to migrate data over.) Whoever dumped it and sent it to us didn't bother to scrub all the plain text passwords from it, meaning I could have gone in an impersonated anyone I wanted on a live government system.
– jpmc26
17 hours ago
1
1
The website plaintextoffenders.com maintains a list of companies found to be storing your passwords in plaintext or some other recoverable format. The list currently has over 5,000 entries.
– anaximander
2 hours ago
The website plaintextoffenders.com maintains a list of companies found to be storing your passwords in plaintext or some other recoverable format. The list currently has over 5,000 entries.
– anaximander
2 hours ago
|
show 4 more comments
When you hear that passwords got stolen, sometimes companies will report it even if it's just hashed passwords that were stolen. This is so you can take action in the case that they are broken. Unfortunately, there are still companies that store their passwords incorrectly; for example, if you search for the rockyou password breach, you'll find that they were storing their passwords in clear text, which means that they were compromised as soon as they were stolen. In other cases, such as the Adobe password breach, there was mishandling of storing the encrypted passwords in their database. Other times, companies use hashing on their passwords but use insecure hashing algorithms or they don't salt their passwords properly. In short, if a company follows recommended password storage methods, the passwords in theory should be safe in their hashed form, but a good company will still inform their customers of the breach. However, there are plenty of examples where companies do not store passwords correctly leading them to be cracked quite quickly.
edited yesterday
jwodder
15316
answered 2 days ago
Dam30nDam30n
38123
1
And even if you do everything right, stealing all the hashed passwords (along with usernames or e-mails, presumably) makes it much easier to do other attacks on the passwords - especially with old mechanisms like MD5, salting or not. And given that most people use the same password on multiple sites, and the passwords are still quite weak often enough... Granted, if you use a good slow hash with proper salting, the impact is very low.
– Luaan
yesterday
add a comment |
When you hear that passwords got stolen, sometimes companies will report it even if it's just hashed passwords that were stolen. This is so you can take action in the case that they are broken. Unfortunately, there are still companies that store their passwords incorrectly; for example, if you search for the rockyou password breach, you'll find that they were storing their passwords in clear text, which means that they were compromised as soon as they were stolen. In other cases, such as the Adobe password breach, there was mishandling of storing the encrypted passwords in their database. Other times, companies use hashing on their passwords but use insecure hashing algorithms or they don't salt their passwords properly. In short, if a company follows recommended password storage methods, the passwords in theory should be safe in their hashed form, but a good company will still inform their customers of the breach. However, there are plenty of examples where companies do not store passwords correctly leading them to be cracked quite quickly.
edited yesterday
jwodder
15316
answered 2 days ago
Dam30nDam30n
38123
1
And even if you do everything right, stealing all the hashed passwords (along with usernames or e-mails, presumably) makes it much easier to do other attacks on the passwords - especially with old mechanisms like MD5, salting or not. And given that most people use the same password on multiple sites, and the passwords are still quite weak often enough... Granted, if you use a good slow hash with proper salting, the impact is very low.
– Luaan
yesterday
add a comment |
When you hear that passwords got stolen, sometimes companies will report it even if it's just hashed passwords that were stolen. This is so you can take action in the case that they are broken. Unfortunately, there are still companies that store their passwords incorrectly; for example, if you search for the rockyou password breach, you'll find that they were storing their passwords in clear text, which means that they were compromised as soon as they were stolen. In other cases, such as the Adobe password breach, there was mishandling of storing the encrypted passwords in their database. Other times, companies use hashing on their passwords but use insecure hashing algorithms or they don't salt their passwords properly. In short, if a company follows recommended password storage methods, the passwords in theory should be safe in their hashed form, but a good company will still inform their customers of the breach. However, there are plenty of examples where companies do not store passwords correctly leading them to be cracked quite quickly.
edited yesterday
jwodder
15316
answered 2 days ago
Dam30nDam30n
38123
When you hear that passwords got stolen, sometimes companies will report it even if it's just hashed passwords that were stolen. This is so you can take action in the case that they are broken. Unfortunately, there are still companies that store their passwords incorrectly; for example, if you search for the rockyou password breach, you'll find that they were storing their passwords in clear text, which means that they were compromised as soon as they were stolen. In other cases, such as the Adobe password breach, there was mishandling of storing the encrypted passwords in their database. Other times, companies use hashing on their passwords but use insecure hashing algorithms or they don't salt their passwords properly. In short, if a company follows recommended password storage methods, the passwords in theory should be safe in their hashed form, but a good company will still inform their customers of the breach. However, there are plenty of examples where companies do not store passwords correctly leading them to be cracked quite quickly.
edited yesterday
jwodder
15316
answered 2 days ago
Dam30nDam30n
38123
edited yesterday
jwodder
15316
edited yesterday
jwodder
15316
edited yesterday
jwodder
15316
15316
answered 2 days ago
Dam30nDam30n
38123
answered 2 days ago
Dam30nDam30n
38123
answered 2 days ago
Dam30nDam30n
38123
38123
1
And even if you do everything right, stealing all the hashed passwords (along with usernames or e-mails, presumably) makes it much easier to do other attacks on the passwords - especially with old mechanisms like MD5, salting or not. And given that most people use the same password on multiple sites, and the passwords are still quite weak often enough... Granted, if you use a good slow hash with proper salting, the impact is very low.
– Luaan
yesterday
add a comment |
1
And even if you do everything right, stealing all the hashed passwords (along with usernames or e-mails, presumably) makes it much easier to do other attacks on the passwords - especially with old mechanisms like MD5, salting or not. And given that most people use the same password on multiple sites, and the passwords are still quite weak often enough... Granted, if you use a good slow hash with proper salting, the impact is very low.
– Luaan
yesterday
1
1
And even if you do everything right, stealing all the hashed passwords (along with usernames or e-mails, presumably) makes it much easier to do other attacks on the passwords - especially with old mechanisms like MD5, salting or not. And given that most people use the same password on multiple sites, and the passwords are still quite weak often enough... Granted, if you use a good slow hash with proper salting, the impact is very low.
– Luaan
yesterday
And even if you do everything right, stealing all the hashed passwords (along with usernames or e-mails, presumably) makes it much easier to do other attacks on the passwords - especially with old mechanisms like MD5, salting or not. And given that most people use the same password on multiple sites, and the passwords are still quite weak often enough... Granted, if you use a good slow hash with proper salting, the impact is very low.
– Luaan
yesterday
add a comment |
You hash a large number of passwords, then check if the output matches any of the stored hashes. Brute force cracking is feasible because people do not usually choose highly unpredictable passwords.
When a password database is stolen, the stolen material includes all the information necessary to do offline cracking. (It's simply a guess and check process. Other methods may be available with less secure hashing or password storage methods.)
Hashing passwords with a preimage resistant functions with a sufficiently unpredictable input is enough to make it impossible recover a password. (An inhumanly strong password.)
However, most people don't do this in the real world, a stolen database of hashes is potentially as worrying as a list of unhashed passwords for a large subset of users on a typical website.
If the password cracker finds candidate password whose hash matches the one stored in the database, then he will have recovered the original (weak) password.
Alternatively, if a hash function is not preimage resistant (including when the output of the hash is too short) a guess-and-check procedure may produce false positives. (Alternative passwords not identical to the original.)
The accounts of users from the company with the data breach are still vulnerable because these passwords will unlock a user's account, even if they aren't identical to the original password. (The server has no way to tell if it's the original password. The hash still matches the one in the stolen database in this case.)
Don't intentionally use an insecure hash function, of course... It's still possible to infer the original password or narrow down the number of possibilities. Which would still make users that reuse passwords on other websites extra vulnerable.
answered 2 days ago
Future SecurityFuture Security
931212
1
"You hash a large number of passwords, then check if the output matches any of the stored hashes." Salting defeates this.
– Taemyr
5 hours ago
add a comment |
You hash a large number of passwords, then check if the output matches any of the stored hashes. Brute force cracking is feasible because people do not usually choose highly unpredictable passwords.
When a password database is stolen, the stolen material includes all the information necessary to do offline cracking. (It's simply a guess and check process. Other methods may be available with less secure hashing or password storage methods.)
Hashing passwords with a preimage resistant functions with a sufficiently unpredictable input is enough to make it impossible recover a password. (An inhumanly strong password.)
However, most people don't do this in the real world, a stolen database of hashes is potentially as worrying as a list of unhashed passwords for a large subset of users on a typical website.
If the password cracker finds candidate password whose hash matches the one stored in the database, then he will have recovered the original (weak) password.
Alternatively, if a hash function is not preimage resistant (including when the output of the hash is too short) a guess-and-check procedure may produce false positives. (Alternative passwords not identical to the original.)
The accounts of users from the company with the data breach are still vulnerable because these passwords will unlock a user's account, even if they aren't identical to the original password. (The server has no way to tell if it's the original password. The hash still matches the one in the stolen database in this case.)
Don't intentionally use an insecure hash function, of course... It's still possible to infer the original password or narrow down the number of possibilities. Which would still make users that reuse passwords on other websites extra vulnerable.
answered 2 days ago
Future SecurityFuture Security
931212
1
"You hash a large number of passwords, then check if the output matches any of the stored hashes." Salting defeates this.
– Taemyr
5 hours ago
add a comment |
You hash a large number of passwords, then check if the output matches any of the stored hashes. Brute force cracking is feasible because people do not usually choose highly unpredictable passwords.
When a password database is stolen, the stolen material includes all the information necessary to do offline cracking. (It's simply a guess and check process. Other methods may be available with less secure hashing or password storage methods.)
Hashing passwords with a preimage resistant functions with a sufficiently unpredictable input is enough to make it impossible recover a password. (An inhumanly strong password.)
However, most people don't do this in the real world, a stolen database of hashes is potentially as worrying as a list of unhashed passwords for a large subset of users on a typical website.
If the password cracker finds candidate password whose hash matches the one stored in the database, then he will have recovered the original (weak) password.
Alternatively, if a hash function is not preimage resistant (including when the output of the hash is too short) a guess-and-check procedure may produce false positives. (Alternative passwords not identical to the original.)
The accounts of users from the company with the data breach are still vulnerable because these passwords will unlock a user's account, even if they aren't identical to the original password. (The server has no way to tell if it's the original password. The hash still matches the one in the stolen database in this case.)
Don't intentionally use an insecure hash function, of course... It's still possible to infer the original password or narrow down the number of possibilities. Which would still make users that reuse passwords on other websites extra vulnerable.
answered 2 days ago
Future SecurityFuture Security
931212
You hash a large number of passwords, then check if the output matches any of the stored hashes. Brute force cracking is feasible because people do not usually choose highly unpredictable passwords.
When a password database is stolen, the stolen material includes all the information necessary to do offline cracking. (It's simply a guess and check process. Other methods may be available with less secure hashing or password storage methods.)
Hashing passwords with a preimage resistant functions with a sufficiently unpredictable input is enough to make it impossible recover a password. (An inhumanly strong password.)
However, most people don't do this in the real world, a stolen database of hashes is potentially as worrying as a list of unhashed passwords for a large subset of users on a typical website.
If the password cracker finds candidate password whose hash matches the one stored in the database, then he will have recovered the original (weak) password.
Alternatively, if a hash function is not preimage resistant (including when the output of the hash is too short) a guess-and-check procedure may produce false positives. (Alternative passwords not identical to the original.)
The accounts of users from the company with the data breach are still vulnerable because these passwords will unlock a user's account, even if they aren't identical to the original password. (The server has no way to tell if it's the original password. The hash still matches the one in the stolen database in this case.)
Don't intentionally use an insecure hash function, of course... It's still possible to infer the original password or narrow down the number of possibilities. Which would still make users that reuse passwords on other websites extra vulnerable.
answered 2 days ago
Future SecurityFuture Security
931212
edited 2 days ago
answered 2 days ago
Future SecurityFuture Security
931212
answered 2 days ago
Future SecurityFuture Security
931212
answered 2 days ago
Future SecurityFuture Security
931212
931212
1
"You hash a large number of passwords, then check if the output matches any of the stored hashes." Salting defeates this.
– Taemyr
5 hours ago
add a comment |
1
"You hash a large number of passwords, then check if the output matches any of the stored hashes." Salting defeates this.
– Taemyr
5 hours ago
1
1
"You hash a large number of passwords, then check if the output matches any of the stored hashes." Salting defeates this.
– Taemyr
5 hours ago
"You hash a large number of passwords, then check if the output matches any of the stored hashes." Salting defeates this.
– Taemyr
5 hours ago
add a comment |
Many possibilities:
Even though passwords should be hashed before storage, it's not always the case. Sadly, even today, there are still plenty of passwords stored as cleartext. Steal database, get all passwords.
Passwords could be stored somewhere else. Passwords could be included in logs, for instance. Steal logs, get all passwords that were used in those logs.
Passwords could be hashed but not salted. So you build a list of password -> hash combinations based on all sorts of passwords. You reverse this table so it becomes hash -> password (lookup table). Get database, convert hashes to passwords, get lots of passwords.
Passwords are hashed and salted. But lots of users use very weak passwords (123456, password, letmein, qwerty...). Try lists of passwords against those hashes. Get database, make a dictionary attack on hashes, get lots of passwords.
Variation on the previous one, instead of a pre-determined list of passwords, try passwords based on other information you have about the user (username, first name, last name, date of birth, e-mail...).
Yet another variation, as many users re-use the same password: try passwords for the same e-mail recovered from other breaches.
Yet another variation, when there is a strong password policy in place which requires changing passwords on a regular basis: if you have a previous password for the user, just try changing the final numbers: if user had password "joe12" at one point, try joe13, joe14, joe15... If you have the date the initial password was valid and know the password change interval, it can be quite quick.
Passwords are hashed and salted, but use weak (fast) hashes. Same as #4-7, but you can do a lot more attempts a lot more quickly, so you can try a larger dictionary, or even try quite systematically all combinations (brute force attack).
Communication between clients and servers are susceptible to man-in-the-middle (MITM) attacks. Passwords are captured on the way.
You perform social engineering. "Hello, this is the IT department, there's an issue with your account, we need to reset something, can you give me your password"? You'd be amazed how often that works if properly framed.
Mass social engineering, aka phishing: send a mass e-mail campaign asking to log into a site which will capture all those passwords.
Hack into the site, and modify it so it sends all passwords received to a remote server (or logs them to a file you'll retrieve later).
Ditto, but modify client-side code to do it. Could be as easy as a stored XSS hack.
A variation on the above: keyloggers.
There's probably quite a few more methods, but that gives you an idea of how easy it can be to recover tons of passwords.
answered 21 hours ago
jcaronjcaron
835413
add a comment |
Many possibilities:
Even though passwords should be hashed before storage, it's not always the case. Sadly, even today, there are still plenty of passwords stored as cleartext. Steal database, get all passwords.
Passwords could be stored somewhere else. Passwords could be included in logs, for instance. Steal logs, get all passwords that were used in those logs.
Passwords could be hashed but not salted. So you build a list of password -> hash combinations based on all sorts of passwords. You reverse this table so it becomes hash -> password (lookup table). Get database, convert hashes to passwords, get lots of passwords.
Passwords are hashed and salted. But lots of users use very weak passwords (123456, password, letmein, qwerty...). Try lists of passwords against those hashes. Get database, make a dictionary attack on hashes, get lots of passwords.
Variation on the previous one, instead of a pre-determined list of passwords, try passwords based on other information you have about the user (username, first name, last name, date of birth, e-mail...).
Yet another variation, as many users re-use the same password: try passwords for the same e-mail recovered from other breaches.
Yet another variation, when there is a strong password policy in place which requires changing passwords on a regular basis: if you have a previous password for the user, just try changing the final numbers: if user had password "joe12" at one point, try joe13, joe14, joe15... If you have the date the initial password was valid and know the password change interval, it can be quite quick.
Passwords are hashed and salted, but use weak (fast) hashes. Same as #4-7, but you can do a lot more attempts a lot more quickly, so you can try a larger dictionary, or even try quite systematically all combinations (brute force attack).
Communication between clients and servers are susceptible to man-in-the-middle (MITM) attacks. Passwords are captured on the way.
You perform social engineering. "Hello, this is the IT department, there's an issue with your account, we need to reset something, can you give me your password"? You'd be amazed how often that works if properly framed.
Mass social engineering, aka phishing: send a mass e-mail campaign asking to log into a site which will capture all those passwords.
Hack into the site, and modify it so it sends all passwords received to a remote server (or logs them to a file you'll retrieve later).
Ditto, but modify client-side code to do it. Could be as easy as a stored XSS hack.
A variation on the above: keyloggers.
There's probably quite a few more methods, but that gives you an idea of how easy it can be to recover tons of passwords.
answered 21 hours ago
jcaronjcaron
835413
add a comment |
Many possibilities:
Even though passwords should be hashed before storage, it's not always the case. Sadly, even today, there are still plenty of passwords stored as cleartext. Steal database, get all passwords.
Passwords could be stored somewhere else. Passwords could be included in logs, for instance. Steal logs, get all passwords that were used in those logs.
Passwords could be hashed but not salted. So you build a list of password -> hash combinations based on all sorts of passwords. You reverse this table so it becomes hash -> password (lookup table). Get database, convert hashes to passwords, get lots of passwords.
Passwords are hashed and salted. But lots of users use very weak passwords (123456, password, letmein, qwerty...). Try lists of passwords against those hashes. Get database, make a dictionary attack on hashes, get lots of passwords.
Variation on the previous one, instead of a pre-determined list of passwords, try passwords based on other information you have about the user (username, first name, last name, date of birth, e-mail...).
Yet another variation, as many users re-use the same password: try passwords for the same e-mail recovered from other breaches.
Yet another variation, when there is a strong password policy in place which requires changing passwords on a regular basis: if you have a previous password for the user, just try changing the final numbers: if user had password "joe12" at one point, try joe13, joe14, joe15... If you have the date the initial password was valid and know the password change interval, it can be quite quick.
Passwords are hashed and salted, but use weak (fast) hashes. Same as #4-7, but you can do a lot more attempts a lot more quickly, so you can try a larger dictionary, or even try quite systematically all combinations (brute force attack).
Communication between clients and servers are susceptible to man-in-the-middle (MITM) attacks. Passwords are captured on the way.
You perform social engineering. "Hello, this is the IT department, there's an issue with your account, we need to reset something, can you give me your password"? You'd be amazed how often that works if properly framed.
Mass social engineering, aka phishing: send a mass e-mail campaign asking to log into a site which will capture all those passwords.
Hack into the site, and modify it so it sends all passwords received to a remote server (or logs them to a file you'll retrieve later).
Ditto, but modify client-side code to do it. Could be as easy as a stored XSS hack.
A variation on the above: keyloggers.
There's probably quite a few more methods, but that gives you an idea of how easy it can be to recover tons of passwords.
answered 21 hours ago
jcaronjcaron
835413
Many possibilities:
Even though passwords should be hashed before storage, it's not always the case. Sadly, even today, there are still plenty of passwords stored as cleartext. Steal database, get all passwords.
Passwords could be stored somewhere else. Passwords could be included in logs, for instance. Steal logs, get all passwords that were used in those logs.
Passwords could be hashed but not salted. So you build a list of password -> hash combinations based on all sorts of passwords. You reverse this table so it becomes hash -> password (lookup table). Get database, convert hashes to passwords, get lots of passwords.
Passwords are hashed and salted. But lots of users use very weak passwords (123456, password, letmein, qwerty...). Try lists of passwords against those hashes. Get database, make a dictionary attack on hashes, get lots of passwords.
Variation on the previous one, instead of a pre-determined list of passwords, try passwords based on other information you have about the user (username, first name, last name, date of birth, e-mail...).
Yet another variation, as many users re-use the same password: try passwords for the same e-mail recovered from other breaches.
Yet another variation, when there is a strong password policy in place which requires changing passwords on a regular basis: if you have a previous password for the user, just try changing the final numbers: if user had password "joe12" at one point, try joe13, joe14, joe15... If you have the date the initial password was valid and know the password change interval, it can be quite quick.
Passwords are hashed and salted, but use weak (fast) hashes. Same as #4-7, but you can do a lot more attempts a lot more quickly, so you can try a larger dictionary, or even try quite systematically all combinations (brute force attack).
Communication between clients and servers are susceptible to man-in-the-middle (MITM) attacks. Passwords are captured on the way.
You perform social engineering. "Hello, this is the IT department, there's an issue with your account, we need to reset something, can you give me your password"? You'd be amazed how often that works if properly framed.
Mass social engineering, aka phishing: send a mass e-mail campaign asking to log into a site which will capture all those passwords.
Hack into the site, and modify it so it sends all passwords received to a remote server (or logs them to a file you'll retrieve later).
Ditto, but modify client-side code to do it. Could be as easy as a stored XSS hack.
A variation on the above: keyloggers.
There's probably quite a few more methods, but that gives you an idea of how easy it can be to recover tons of passwords.
answered 21 hours ago
jcaronjcaron
835413
edited 21 hours ago
answered 21 hours ago
jcaronjcaron
835413
answered 21 hours ago
jcaronjcaron
835413
answered 21 hours ago
jcaronjcaron
835413
835413
add a comment |
add a comment |
As we are not discussing how the passwords have been stolen, and more so the aftermath, I'll avoid the many number of factors said companies should implement to help prevent these data breaches.
If you make a website and manage the database, it's down to us to store that information efficiently. If we don't, when there is a data breach attackers can view passwords in what may as well be plain text, as often is the case (depending on the way in which these are stored).
In short, you'd never want this to happen! -- Password cracking is a very common and real thing, just because passwords are hashed does not make them in any way secure.
Let's say a company has 1000 customer passwords, all of which are hashed.
Let's say 600 of those customers had a password, 8 characters long, the likelihood of those passwords being cracked within the first 5 minutes (being generous) is very high.
"5 minutes?! But they were hashed!"....
Yeah, but the passwords of those 600 customers were still poor, along with an equally poor hashing algorithm.
Without going into too much detail in the interest of simplifying the explanation; password cracking works by simply matching the hash to a dictionary file of words, running through each word to see if their hash matches the ones that have been obtained from those 600 customers, for example, your password might be:
Password: Security
MD5 Hashed: 2FAE32629D4EF4FC6341F1751B405E45
I then just run some favorable hacking tools against those hashes to "crack" them.
Should you ever want to store passwords yourself, MD5 should be avoided, above was purely for example purposes. Instead, research the stronger types of hashing algorithms, it makes it much harder for attackers to successfully make use of the passwords they have stolen.
The short answer; hashing, or whatever format you store your passwords has no effect on the ability for hackers to steal these. They are stolen because of a variety of different vulnerabilities. There are a multitude of attacks in which help obtain passwords (hashed or not).
edited 2 days ago
schroeder♦
77.5k30171207
answered 2 days ago
Tipping44Tipping44
1322
New contributor
Tipping44 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
10
Just to note that with a weak password like 'Security', you don't even need a cracking tool, you can just Google 2FAE32629D4EF4FC6341F1751B405E45
– richardb
yesterday
2
And even more so, now that this article is indexed!
– Mark K Cowan
18 hours ago
add a comment |
As we are not discussing how the passwords have been stolen, and more so the aftermath, I'll avoid the many number of factors said companies should implement to help prevent these data breaches.
If you make a website and manage the database, it's down to us to store that information efficiently. If we don't, when there is a data breach attackers can view passwords in what may as well be plain text, as often is the case (depending on the way in which these are stored).
In short, you'd never want this to happen! -- Password cracking is a very common and real thing, just because passwords are hashed does not make them in any way secure.
Let's say a company has 1000 customer passwords, all of which are hashed.
Let's say 600 of those customers had a password, 8 characters long, the likelihood of those passwords being cracked within the first 5 minutes (being generous) is very high.
"5 minutes?! But they were hashed!"....
Yeah, but the passwords of those 600 customers were still poor, along with an equally poor hashing algorithm.
Without going into too much detail in the interest of simplifying the explanation; password cracking works by simply matching the hash to a dictionary file of words, running through each word to see if their hash matches the ones that have been obtained from those 600 customers, for example, your password might be:
Password: Security
MD5 Hashed: 2FAE32629D4EF4FC6341F1751B405E45
I then just run some favorable hacking tools against those hashes to "crack" them.
Should you ever want to store passwords yourself, MD5 should be avoided, above was purely for example purposes. Instead, research the stronger types of hashing algorithms, it makes it much harder for attackers to successfully make use of the passwords they have stolen.
The short answer; hashing, or whatever format you store your passwords has no effect on the ability for hackers to steal these. They are stolen because of a variety of different vulnerabilities. There are a multitude of attacks in which help obtain passwords (hashed or not).
edited 2 days ago
schroeder♦
77.5k30171207
answered 2 days ago
Tipping44Tipping44
1322
New contributor
Tipping44 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
10
Just to note that with a weak password like 'Security', you don't even need a cracking tool, you can just Google 2FAE32629D4EF4FC6341F1751B405E45
– richardb
yesterday
2
And even more so, now that this article is indexed!
– Mark K Cowan
18 hours ago
add a comment |
As we are not discussing how the passwords have been stolen, and more so the aftermath, I'll avoid the many number of factors said companies should implement to help prevent these data breaches.
If you make a website and manage the database, it's down to us to store that information efficiently. If we don't, when there is a data breach attackers can view passwords in what may as well be plain text, as often is the case (depending on the way in which these are stored).
In short, you'd never want this to happen! -- Password cracking is a very common and real thing, just because passwords are hashed does not make them in any way secure.
Let's say a company has 1000 customer passwords, all of which are hashed.
Let's say 600 of those customers had a password, 8 characters long, the likelihood of those passwords being cracked within the first 5 minutes (being generous) is very high.
"5 minutes?! But they were hashed!"....
Yeah, but the passwords of those 600 customers were still poor, along with an equally poor hashing algorithm.
Without going into too much detail in the interest of simplifying the explanation; password cracking works by simply matching the hash to a dictionary file of words, running through each word to see if their hash matches the ones that have been obtained from those 600 customers, for example, your password might be:
Password: Security
MD5 Hashed: 2FAE32629D4EF4FC6341F1751B405E45
I then just run some favorable hacking tools against those hashes to "crack" them.
Should you ever want to store passwords yourself, MD5 should be avoided, above was purely for example purposes. Instead, research the stronger types of hashing algorithms, it makes it much harder for attackers to successfully make use of the passwords they have stolen.
The short answer; hashing, or whatever format you store your passwords has no effect on the ability for hackers to steal these. They are stolen because of a variety of different vulnerabilities. There are a multitude of attacks in which help obtain passwords (hashed or not).
edited 2 days ago
schroeder♦
77.5k30171207
answered 2 days ago
Tipping44Tipping44
1322
New contributor
Tipping44 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
As we are not discussing how the passwords have been stolen, and more so the aftermath, I'll avoid the many number of factors said companies should implement to help prevent these data breaches.
If you make a website and manage the database, it's down to us to store that information efficiently. If we don't, when there is a data breach attackers can view passwords in what may as well be plain text, as often is the case (depending on the way in which these are stored).
In short, you'd never want this to happen! -- Password cracking is a very common and real thing, just because passwords are hashed does not make them in any way secure.
Let's say a company has 1000 customer passwords, all of which are hashed.
Let's say 600 of those customers had a password, 8 characters long, the likelihood of those passwords being cracked within the first 5 minutes (being generous) is very high.
"5 minutes?! But they were hashed!"....
Yeah, but the passwords of those 600 customers were still poor, along with an equally poor hashing algorithm.
Without going into too much detail in the interest of simplifying the explanation; password cracking works by simply matching the hash to a dictionary file of words, running through each word to see if their hash matches the ones that have been obtained from those 600 customers, for example, your password might be:
Password: Security
MD5 Hashed: 2FAE32629D4EF4FC6341F1751B405E45
I then just run some favorable hacking tools against those hashes to "crack" them.
Should you ever want to store passwords yourself, MD5 should be avoided, above was purely for example purposes. Instead, research the stronger types of hashing algorithms, it makes it much harder for attackers to successfully make use of the passwords they have stolen.
The short answer; hashing, or whatever format you store your passwords has no effect on the ability for hackers to steal these. They are stolen because of a variety of different vulnerabilities. There are a multitude of attacks in which help obtain passwords (hashed or not).
edited 2 days ago
schroeder♦
77.5k30171207
answered 2 days ago
Tipping44Tipping44
1322
New contributor
Tipping44 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 2 days ago
schroeder♦
77.5k30171207
edited 2 days ago
schroeder♦
77.5k30171207
edited 2 days ago
schroeder♦
77.5k30171207
77.5k30171207
answered 2 days ago
Tipping44Tipping44
1322
New contributor
Tipping44 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 2 days ago
Tipping44Tipping44
1322
answered 2 days ago
Tipping44Tipping44
1322
1322
New contributor
Tipping44 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Tipping44 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Tipping44 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
10
Just to note that with a weak password like 'Security', you don't even need a cracking tool, you can just Google 2FAE32629D4EF4FC6341F1751B405E45
– richardb
yesterday
2
And even more so, now that this article is indexed!
– Mark K Cowan
18 hours ago
add a comment |
10
Just to note that with a weak password like 'Security', you don't even need a cracking tool, you can just Google 2FAE32629D4EF4FC6341F1751B405E45
– richardb
yesterday
2
And even more so, now that this article is indexed!
– Mark K Cowan
18 hours ago
10
10
Just to note that with a weak password like 'Security', you don't even need a cracking tool, you can just Google 2FAE32629D4EF4FC6341F1751B405E45
– richardb
yesterday
Just to note that with a weak password like 'Security', you don't even need a cracking tool, you can just Google 2FAE32629D4EF4FC6341F1751B405E45
– richardb
yesterday
2
2
And even more so, now that this article is indexed!
– Mark K Cowan
18 hours ago
And even more so, now that this article is indexed!
– Mark K Cowan
18 hours ago
add a comment |
Also take the following attack vector into consideration for web applications:
If the attacker can modify the frontend code, then with a small script the plaintext passwords could be "sniffed" for a while.
If the script can be injected from the backend, then it could be set to only show for visitors from certain countries to better protect against malicious frontend code change detection automations in place running in the same country where the application is being run from.
answered 2 days ago
SevronSevron
1376
add a comment |
Also take the following attack vector into consideration for web applications:
If the attacker can modify the frontend code, then with a small script the plaintext passwords could be "sniffed" for a while.
If the script can be injected from the backend, then it could be set to only show for visitors from certain countries to better protect against malicious frontend code change detection automations in place running in the same country where the application is being run from.
answered 2 days ago
SevronSevron
1376
add a comment |
Also take the following attack vector into consideration for web applications:
If the attacker can modify the frontend code, then with a small script the plaintext passwords could be "sniffed" for a while.
If the script can be injected from the backend, then it could be set to only show for visitors from certain countries to better protect against malicious frontend code change detection automations in place running in the same country where the application is being run from.
answered 2 days ago
SevronSevron
1376
Also take the following attack vector into consideration for web applications:
If the attacker can modify the frontend code, then with a small script the plaintext passwords could be "sniffed" for a while.
If the script can be injected from the backend, then it could be set to only show for visitors from certain countries to better protect against malicious frontend code change detection automations in place running in the same country where the application is being run from.
answered 2 days ago
SevronSevron
1376
answered 2 days ago
SevronSevron
1376
answered 2 days ago
SevronSevron
1376
answered 2 days ago
SevronSevron
1376
1376
add a comment |
add a comment |
While storing passwords in hashed form is desirable, it can also pose some difficulties. If it is necessary for one entity to issue a request to another entity on behalf of a user, and the second entity requires submission of plaintext passwords for validation, the first entity will need to hold the user's password in a form that would be convertible to plaintext.
To allow for this, companies may store passwords in various kinds of hardware security modules which audit all attempts to retrieve passwords from them. This approach mitigates many of the dangers involved with plaintext password storage. It can't mitigate all of the dangers, but if an entity is supposed to have authority to access an outside entity on behalf of a user, and the outside entity won't accept anything other than the user's password as evidence of that authority, some of the dangers associated with plain-text passwords will be inescapable no matter what the first entity tries to do.
answered 15 hours ago
supercatsupercat
1,74279
add a comment |
While storing passwords in hashed form is desirable, it can also pose some difficulties. If it is necessary for one entity to issue a request to another entity on behalf of a user, and the second entity requires submission of plaintext passwords for validation, the first entity will need to hold the user's password in a form that would be convertible to plaintext.
To allow for this, companies may store passwords in various kinds of hardware security modules which audit all attempts to retrieve passwords from them. This approach mitigates many of the dangers involved with plaintext password storage. It can't mitigate all of the dangers, but if an entity is supposed to have authority to access an outside entity on behalf of a user, and the outside entity won't accept anything other than the user's password as evidence of that authority, some of the dangers associated with plain-text passwords will be inescapable no matter what the first entity tries to do.
answered 15 hours ago
supercatsupercat
1,74279
add a comment |
While storing passwords in hashed form is desirable, it can also pose some difficulties. If it is necessary for one entity to issue a request to another entity on behalf of a user, and the second entity requires submission of plaintext passwords for validation, the first entity will need to hold the user's password in a form that would be convertible to plaintext.
To allow for this, companies may store passwords in various kinds of hardware security modules which audit all attempts to retrieve passwords from them. This approach mitigates many of the dangers involved with plaintext password storage. It can't mitigate all of the dangers, but if an entity is supposed to have authority to access an outside entity on behalf of a user, and the outside entity won't accept anything other than the user's password as evidence of that authority, some of the dangers associated with plain-text passwords will be inescapable no matter what the first entity tries to do.
answered 15 hours ago
supercatsupercat
1,74279
While storing passwords in hashed form is desirable, it can also pose some difficulties. If it is necessary for one entity to issue a request to another entity on behalf of a user, and the second entity requires submission of plaintext passwords for validation, the first entity will need to hold the user's password in a form that would be convertible to plaintext.
To allow for this, companies may store passwords in various kinds of hardware security modules which audit all attempts to retrieve passwords from them. This approach mitigates many of the dangers involved with plaintext password storage. It can't mitigate all of the dangers, but if an entity is supposed to have authority to access an outside entity on behalf of a user, and the outside entity won't accept anything other than the user's password as evidence of that authority, some of the dangers associated with plain-text passwords will be inescapable no matter what the first entity tries to do.
answered 15 hours ago
supercatsupercat
1,74279
answered 15 hours ago
supercatsupercat
1,74279
answered 15 hours ago
supercatsupercat
1,74279
answered 15 hours ago
supercatsupercat
1,74279
1,74279
add a comment |
add a comment |
W2a is a new contributor. Be nice, and check out our Code of Conduct.
W2a is a new contributor. Be nice, and check out our Code of Conduct.
W2a is a new contributor. Be nice, and check out our Code of Conduct.
W2a is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Information Security Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f205519%2fhow-are-passwords-stolen-from-companies-if-they-only-store-hashes%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
5
Passwords could be stolen also by eavesdropping them on the points they pass unencrypted. And at least on a point they are unencrypted, namely on the keyboard of the user.
– peterh
2 days ago
112
"Everywhere I look it says servers store passwords in hashed form" No, it says servers should store passwords in hashed form!!
– Lightness Races in Orbit
2 days ago
7
If you password is "123abc", no amount of hashing, salting or peppering will keep your account secure once the database is stolen.
– Dmitry Grigoryev
yesterday
You also need to educate people about security. If your password has enough entropy, you use hashes and salt but your employees write down passwords on post-it and leave them around, or just give them to that colleague who "really needs that file on the server" you will have problems. Look up "Social Engineering"
– Axel2D
20 hours ago
2
I worked a food counter for long enough that for a half-dozen combos, if you told me a customer's total, I could tell you what they ordered, without a receipt or knowledge of their particular order.
– dandavis
17 hours ago