"Russan Gang Amasses Over A Billion Stolen Passwords"

Questions on how we spend our money and our time - consumer goods and services, home and vehicle, leisure and recreational activities
Mudpuppy
Posts: 7409
Joined: Sat Aug 27, 2011 2:26 am
Location: Sunny California

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Mudpuppy »

BolderBoy wrote:And salting is so easy to do, there is no excuse not to do it, prior to the hashing. Add in SHA2(512) or SHA3 level hashing and breaking the PW is virtually insurmountable at this time.
I just led a workshop on this the other week, so I did a little research into the current state of GPU password cracking. An 8 GPU rig using high-end ATI cards and oclHashcat-plus can make about 12 billion guesses/second with SHA256 and 2 billion guesses/second with SHA512. Adding salts only slows that down by the number of unique salts in the database.

The sort of rig an organized crime ring could build would be orders of magnitude faster. It is not infeasible to crack SHA256 or SHA512 hashed passwords anymore. And the only thing that is slowing down the cracking of SHA3 is that few GPU tools support the algorithm yet. It is really better for passwords to be hashed with a hash function meant for passwords like bcrypt, not a generic cryptographic hash function like the SHA family.
User avatar
BolderBoy
Posts: 6755
Joined: Wed Apr 07, 2010 12:16 pm
Location: Colorado

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by BolderBoy »

Mudpuppy wrote:Adding salts only slows that down by the number of unique salts in the database.
When I write password routines, the salts are long - 64 bytes minimum, drawn from generated UUID values and itself hashed - always unique per user and the hacker would have no idea what I did with the salt vis-a-vis the entered password. Since I'm not an expert at this I presume those who are can at the very least do what I do which vastly complicates the breaking of the password.

I know what you are talking about - a nice 1-2 byte salt either pre-pended or appended to the entered password. That is laughable, though I expect it is what many security folks are doing.

The purpose of a salt is to literally sprinkle it all about. There is lower hanging fruit than my salted passwords.

Also agree that bcrypt is a better hasher than the SHA2-3 family.
Call_Me_Op
Posts: 9883
Joined: Mon Sep 07, 2009 2:57 pm
Location: Milky Way

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Call_Me_Op »

Dumb question (perhaps): Since a website (e.g., Fidelity) will typically flag 3 or more attempts to enter a password (for any given username), how can these programs go through millions and billions of character combinations to find the right one? In other words, what is their test metric?
Best regards, -Op | | "In the middle of difficulty lies opportunity." Einstein
jchef
Posts: 263
Joined: Wed Aug 29, 2012 7:04 am

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by jchef »

Call_Me_Op wrote:Dumb question (perhaps): Since a website (e.g., Fidelity) will typically flag 3 or more attempts to enter a password (for any given username), how can these programs go through millions and billions of character combinations to find the right one? In other words, what is their test metric?
They are working with stolen password files.

So in your example, they will have broken into Fidelity's systems and stolen the password file. The password file would be hashed, so they would then spend billions of attempts to try to extract the passwords from the hashed file.

Of course they instead may have done the same in a smaller site. And if you were a member of the smaller site and happen to use to reuse username and passwords, they may get into a financial site that way.
User avatar
Steelersfan
Posts: 4129
Joined: Thu Jun 19, 2008 8:47 pm

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Steelersfan »

jchef wrote:
Call_Me_Op wrote:Dumb question (perhaps): Since a website (e.g., Fidelity) will typically flag 3 or more attempts to enter a password (for any given username), how can these programs go through millions and billions of character combinations to find the right one? In other words, what is their test metric?
They are working with stolen password files.

So in your example, they will have broken into Fidelity's systems and stolen the password file. The password file would be hashed, so they would then spend billions of attempts to try to extract the passwords from the hashed file.

Of course they instead may have done the same in a smaller site. And if you were a member of the smaller site and happen to use to reuse username and passwords, they may get into a financial site that way.
But how do they know that they've got my password correctly decrypted if they can't test it, along with my userid, to see if they can actually gain access ?
Call_Me_Op
Posts: 9883
Joined: Mon Sep 07, 2009 2:57 pm
Location: Milky Way

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Call_Me_Op »

Steelersfan wrote:
jchef wrote:
Call_Me_Op wrote:Dumb question (perhaps): Since a website (e.g., Fidelity) will typically flag 3 or more attempts to enter a password (for any given username), how can these programs go through millions and billions of character combinations to find the right one? In other words, what is their test metric?
They are working with stolen password files.

So in your example, they will have broken into Fidelity's systems and stolen the password file. The password file would be hashed, so they would then spend billions of attempts to try to extract the passwords from the hashed file.

Of course they instead may have done the same in a smaller site. And if you were a member of the smaller site and happen to use to reuse username and passwords, they may get into a financial site that way.
But how do they know that they've got my password correctly decrypted if they can't test it, along with my userid, to see if they can actually gain access ?
My question exactly - restated.
Best regards, -Op | | "In the middle of difficulty lies opportunity." Einstein
jchef
Posts: 263
Joined: Wed Aug 29, 2012 7:04 am

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by jchef »

Steelersfan wrote:
jchef wrote:
Call_Me_Op wrote:Dumb question (perhaps): Since a website (e.g., Fidelity) will typically flag 3 or more attempts to enter a password (for any given username), how can these programs go through millions and billions of character combinations to find the right one? In other words, what is their test metric?
They are working with stolen password files.

So in your example, they will have broken into Fidelity's systems and stolen the password file. The password file would be hashed, so they would then spend billions of attempts to try to extract the passwords from the hashed file.

Of course they instead may have done the same in a smaller site. And if you were a member of the smaller site and happen to use to reuse username and passwords, they may get into a financial site that way.
But how do they know that they've got my password correctly decrypted if they can't test it, along with my userid, to see if they can actually gain access ?
That's not how a hash works. Here's a website to generate a SHA1 hash: http://www.sha1-online.com
(don't enter an actual password on this site)


Let's say your password was: 123456
You can see from the above website your hash will be: 7c4a8d09ca3762af61e59520943dc26494f8941b

This hash is what is going to be storied in the password file. Your password of 123456 is not stored anywhere on the website's server . When you log in, they generate the hash of the password you entered and see if it matches the hash in the password file.


So if someone steals the password file, they are just going to generate billions of hashes to test against the hashes in the password file. Eventually they are going to test 123456 and see that hash of this matches a hash in the password file. They will then know 123456 is your password.


Edit: I should probably add that hashes are complicated mathematical functions which basically only act in one direction.

So given 123456 I can very easily generate its SHA1 hash of 7c4a8d09ca3762af61e59520943dc26494f8941b

However given the hash value there is no easy way to generate 123456 (assuming the hash function has been properly designed). The only option is brute force, trying every single possible input until you finally find the input that generates that hash.
Call_Me_Op
Posts: 9883
Joined: Mon Sep 07, 2009 2:57 pm
Location: Milky Way

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Call_Me_Op »

jchef wrote:
Steelersfan wrote:
jchef wrote:
Call_Me_Op wrote:Dumb question (perhaps): Since a website (e.g., Fidelity) will typically flag 3 or more attempts to enter a password (for any given username), how can these programs go through millions and billions of character combinations to find the right one? In other words, what is their test metric?
They are working with stolen password files.

So in your example, they will have broken into Fidelity's systems and stolen the password file. The password file would be hashed, so they would then spend billions of attempts to try to extract the passwords from the hashed file.

Of course they instead may have done the same in a smaller site. And if you were a member of the smaller site and happen to use to reuse username and passwords, they may get into a financial site that way.
But how do they know that they've got my password correctly decrypted if they can't test it, along with my userid, to see if they can actually gain access ?
That's not how a hash works. Here's a website to generate a SHA1 hash: http://www.sha1-online.com
(don't enter an actual password on this site)


Let's say your password was: 123456
You can see from the above website your hash will be: 7c4a8d09ca3762af61e59520943dc26494f8941b

This hash is what is going to be storied in the password file. Your password of 123456 is not stored anywhere on the website's server . When you log in, they generate the hash of the password you entered and see if it matches the hash in the password file.


So if someone steals the password file, they are just going to generate billions of hashes to test against the hashes in the password file. Eventually they are going to test 123456 and see that hash of this matches a hash in the password file. They will then know 123456 is your password.
So basically, (I think you are in effect suggesting that) the "hashing function" is a known algorithm. Why is it a good idea to encrypt passwords using a known algorithm?
Best regards, -Op | | "In the middle of difficulty lies opportunity." Einstein
jchef
Posts: 263
Joined: Wed Aug 29, 2012 7:04 am

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by jchef »

Call_Me_Op wrote:
jchef wrote:
Steelersfan wrote:
jchef wrote:
Call_Me_Op wrote:Dumb question (perhaps): Since a website (e.g., Fidelity) will typically flag 3 or more attempts to enter a password (for any given username), how can these programs go through millions and billions of character combinations to find the right one? In other words, what is their test metric?
They are working with stolen password files.

So in your example, they will have broken into Fidelity's systems and stolen the password file. The password file would be hashed, so they would then spend billions of attempts to try to extract the passwords from the hashed file.

Of course they instead may have done the same in a smaller site. And if you were a member of the smaller site and happen to use to reuse username and passwords, they may get into a financial site that way.
But how do they know that they've got my password correctly decrypted if they can't test it, along with my userid, to see if they can actually gain access ?
That's not how a hash works. Here's a website to generate a SHA1 hash: http://www.sha1-online.com
(don't enter an actual password on this site)


Let's say your password was: 123456
You can see from the above website your hash will be: 7c4a8d09ca3762af61e59520943dc26494f8941b

This hash is what is going to be storied in the password file. Your password of 123456 is not stored anywhere on the website's server . When you log in, they generate the hash of the password you entered and see if it matches the hash in the password file.


So if someone steals the password file, they are just going to generate billions of hashes to test against the hashes in the password file. Eventually they are going to test 123456 and see that hash of this matches a hash in the password file. They will then know 123456 is your password.
So basically, (I think you are in effect suggesting that) the "hashing function" is a known algorithm. Why is it a good idea to encrypt passwords using a known algorithm?
I made an edit to my previous post which I think answers your question. Because hashes are one way functions, even knowing the hash doesn't help you too much. You'll still need to use brute force.

Of course the SHA1 example I'm using is actually a very bad choice of a hash function for passwords. This is the hash function LinkedIn was using when they were hacked and the problem with this particular hash function is that it is very fast, meaning with a reasonably powerful computer you can check billions of hashes per second.

But if you use a slow hash function and an additional security known as a salt, it can make brute forcing incredibly slow and to be mostly ineffective.
User avatar
Steelersfan
Posts: 4129
Joined: Thu Jun 19, 2008 8:47 pm

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Steelersfan »

jchef wrote:
Let's say your password was: 123456
You can see from the above website your hash will be: 7c4a8d09ca3762af61e59520943dc26494f8941b

This hash is what is going to be storied in the password file. Your password of 123456 is not stored anywhere on the website's server . When you log in, they generate the hash of the password you entered and see if it matches the hash in the password file.


So if someone steals the password file, they are just going to generate billions of hashes to test against the hashes in the password file. Eventually they are going to test 123456 and see that hash of this matches a hash in the password file. They will then know 123456 is your password.


Edit: I should probably add that hashes are complicated mathematical functions which basically only act in one direction.

So given 123456 I can very easily generate its SHA1 hash of 7c4a8d09ca3762af61e59520943dc26494f8941b

However given the hash value there is no easy way to generate 123456 (assuming the hash function has been properly designed). The only option is brute force, trying every single possible input until you finally find the input that generates that hash.
Good explanation and is why longer passwords are better than shorter ones since they'll have to try more combinations before they get to the right one.

But don't they have to do that all over again for every password in the file? So if a site has a million passwords, they'll have to do them all to get all the passwords? That reduces the odds they'll get mine, unless they target my particular ID.
User avatar
Electron
Posts: 2658
Joined: Sat Mar 10, 2007 7:46 pm

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Electron »

Even if the hashed password is cracked, the hacker could not log in without user name and security question answers if used at that site. Most of the financial sites seem to use either security questions or two part authentication if they don't recognize your computer. That might involve a cookie previously stored on your computer. I don't know if this is accurate, but I thought I read that some sites might detect where the attempted login is originating and require extra steps if the location does not match information in their records.

Correct me if I am missing anything. I assume that they have user name and hashed password pairs. Has anyone heard if security question answers have also been compromised?

This might be a good time to review security questions and have answers that are not easily guessed.
Enjoying the Outdoors
jchef
Posts: 263
Joined: Wed Aug 29, 2012 7:04 am

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by jchef »

Steelersfan wrote: Good explanation and is why longer passwords are better than shorter ones since they'll have to try more combinations before they get to the right one.

But don't they have to do that all over again for every password in the file? So if a site has a million passwords, they'll have to do them all to get all the passwords? That reduces the odds they'll get mine, unless they target my particular ID.
It depends if they salt their passwords or not.


If they don't salt their passwords and two or more people use 123456 as their password, then they are going to have the exact same hashes.



A salt a randomly generated value that is concatenated onto your password before it's hashed.

So if User 1 has a password of: 123456
And their randomly generated salt when they created their account is: abcdef
What you would actually hash is: 123456abcdef
For a hash value of: d4fbef92af33c1789d9130384a56737d181cc6df

So everytime User 1 logs in, the machine automatically adds abcdef to their password before hashing it and checking the hash against the password file.


Now User 2 may also have a password of 123456. However their randomly generated salt would be different than User 1. Meaning their hash would also be different.



The salts are kept in clear text in the password file. So if someone steals the password file they have the salts. But the salts mean they need to break each password individually. Which makes the process much longer.
User avatar
BolderBoy
Posts: 6755
Joined: Wed Apr 07, 2010 12:16 pm
Location: Colorado

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by BolderBoy »

Steelersfan wrote:But don't they have to do that all over again for every password in the file? So if a site has a million passwords, they'll have to do them all to get all the passwords? That reduces the odds they'll get mine, unless they target my particular ID.
They operate with ready-made tables of hash values for millions of passwords, starting with the most common statistically and working down both sides of the bell curve from there. All they are doing is comparing their tabled hash with each one in the password database they snitched. A million such comparisons might take a minute or two on most any standard, modern desktop (and the serious guys are using super desktops). From this they build a new database of matching hashes connected with the userids. Then they concentrate on those. They'll go after the easy targets first. Since they know most people reuse the same passwords and userids everywhere, there is plenty for them to do before they get around to you and your obscurely salted and hashed password and meaningless userid (right?)
User avatar
Steelersfan
Posts: 4129
Joined: Thu Jun 19, 2008 8:47 pm

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Steelersfan »

BolderBoy wrote:there is plenty for them to do before they get around to you and your obscurely salted and hashed password and meaningless userid (right?)
Right! :wink:

This has been very enlightening.

I just added more characters to my password. :sharebeer
Mudpuppy
Posts: 7409
Joined: Sat Aug 27, 2011 2:26 am
Location: Sunny California

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Mudpuppy »

Just to summarize what BoulderBoy and jchef already described, a password database might look something like this:

Code: Select all

username      userID     email address       other plaintext information         password salt            hashed password
The attacker would then simplify this down to the password salt and hashed password, and perhaps the username (although they could just look that up in the original table later on).

The first pass would be to remove any duplicates (normally people with the same password and salt, although occasionally hash functions have "collisions" where entirely different passwords + same salts = same hash). The second pass would be to look up the salt+hash in a rainbow table (the tables BoulderBoy described) to find all of the "low-hanging fruit". All hash functions are vulnerable to this pass, regardless of time complexity of the hash function (only storage space complexity bounds rainbow table attacks, which is why longer passwords are generally better, it usually takes too much space to store the hashes and salts of really long passwords).

The third pass is to send the remaining salts and hashes to a GPU cracking rig, or perhaps even distribute it amongst many GPU cracking rigs. They don't have to jump straight into brute force at this point either. They can do pattern analysis in order to guide the search. In the case where they already have a corpus of cracked passwords of the size of this particular gang, they could even do targeted pattern analysis (e.g. look up the email address on the already cracked sites list to see if the user has a simple password scheme like basePattern+siteName). This will get them the remaining low-to-mid-hanging fruit (e.g. moderate length passwords, long passwords built off common phrases, long passwords built off patterns).

They then can move on to brute-forcing the remaining hashes. This involves generating all permutations of a x character password in the 96 character printable character set (or the high-order ASCII set, but that's more complexity), hashing them with the salt and seeing if it matches the stored password hash. Depending on the value of the target, the size of their cracking rigs, the type of hash function used for the password hashes, they may or may not spend the extra time trying to brute force very long passwords. They might even publish the hashes on the Internet just to see if some bored hacker will save them the time, electricity, and trouble.
Call_Me_Op
Posts: 9883
Joined: Mon Sep 07, 2009 2:57 pm
Location: Milky Way

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Call_Me_Op »

Why wouldn't a given firm use a proprietary hash algorithm? Seems like that would greatly reduce the odds of compromise since the attacker would need more than a bank of fast computers to extract the passwords.They need to know the proprietary hash algorithm.
Best regards, -Op | | "In the middle of difficulty lies opportunity." Einstein
Leesbro63
Posts: 10640
Joined: Mon Nov 08, 2010 3:36 pm

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Leesbro63 »

This has been discussed before but again I want to be sure: OK, so someone cracks my Vanguard (or Fidelity etc) password. Then what? Yeah, they could "sell" a highly appreciated security, incurring big capital gains taxes and create other havoc. But the real risk is that the money gets wired to Latvia. Can that happen? Doesn't Vanguard limit transfers out to accounts that have been preapproved? And wouldn't an email alert be generated?

How great is the REAL risk of a criminal actually getting the money?
Call_Me_Op
Posts: 9883
Joined: Mon Sep 07, 2009 2:57 pm
Location: Milky Way

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Call_Me_Op »

Leesbro63 wrote:This has been discussed before but again I want to be sure: OK, so someone cracks my Vanguard (or Fidelity etc) password. Then what? Yeah, they could "sell" a highly appreciated security, incurring big capital gains taxes and create other havoc. But the real risk is that the money gets wired to Latvia. Can that happen? Doesn't Vanguard limit transfers out to accounts that have been preapproved? And wouldn't an email alert be generated?

How great is the REAL risk of a criminal actually getting the money?
They could potentially redirect email alerts to a new email account, add a new bank routing number to your account and then wire money to that bank account.

Now, I have to believe it is not as simple as the example above. Presumably, you would receive an email alert that your email account has been changed. But if you didn't see it in time, there could be a problem.
Best regards, -Op | | "In the middle of difficulty lies opportunity." Einstein
jchef
Posts: 263
Joined: Wed Aug 29, 2012 7:04 am

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by jchef »

Call_Me_Op wrote:Why wouldn't a given firm use a proprietary hash algorithm? Seems like that would greatly reduce the odds of compromise since the attacker would need more than a bank of fast computers to extract the passwords.They need to know the proprietary hash algorithm.
The math behing hash algorithms is complex and it's difficult to design a good hash function. Well known hash algorithms have gone through a large amount of peer review and testing. Well known public hash algorithms are likely to be have fewer issues than proprietary algorithms.

Besides, the executable code for the hash algorithm is going to have to exist on the same machine that the hashed password file is on. If someone is able to break into the machine to steal the password file, there's a good chance they can also take a memory dump and find the hash algorithm.
jchef
Posts: 263
Joined: Wed Aug 29, 2012 7:04 am

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by jchef »

Leesbro63 wrote:This has been discussed before but again I want to be sure: OK, so someone cracks my Vanguard (or Fidelity etc) password. Then what? Yeah, they could "sell" a highly appreciated security, incurring big capital gains taxes and create other havoc. But the real risk is that the money gets wired to Latvia. Can that happen? Doesn't Vanguard limit transfers out to accounts that have been preapproved? And wouldn't an email alert be generated?

How great is the REAL risk of a criminal actually getting the money?
  • On their own account, the criminals buy a large amount on a low volume penny stock for $0.01 a share.
  • Still on their own account, the criminals put in a sell offer for $0.05 a share
  • Using your account, they make a buy offer for the penny stock for $0.05 a share
You are left holding a large amount of near worthless penny stock and the criminals have made a large amount of money.


Your broker may have security that prevents something like this. But there are more complex schemes and there's a good chance the brokerage can't prevent against everything.
bberris
Posts: 2420
Joined: Sun Feb 20, 2011 8:44 am

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by bberris »

I'm skeptical about this. The guy is promoting protection service. How does he know?
I know it doesn't hurt to change your passwords. But the NYT and others sound way too gullible.
User avatar
Rob5TCP
Posts: 3812
Joined: Tue Jun 05, 2007 7:34 pm
Location: New York, NY

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Rob5TCP »

This has been the most enlightening post on hashing and salting encryption of passwords.
I knew the terms and I knew they involved encryption, but how they functioned, I was not familiar.

Thanks for a most educational post.
Mudpuppy
Posts: 7409
Joined: Sat Aug 27, 2011 2:26 am
Location: Sunny California

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Mudpuppy »

Call_Me_Op wrote:Why wouldn't a given firm use a proprietary hash algorithm? Seems like that would greatly reduce the odds of compromise since the attacker would need more than a bank of fast computers to extract the passwords.They need to know the proprietary hash algorithm.
If the firm wants to pay 6-figures each for a team of a half dozen mathematicians and cryptographers, they might be able to design a good proprietary hash algorithm. Might.... It is very difficult to design a good algorithm, which is why the current algorithms are the product of cryptography "contests" run by standards agencies with multiple levels and multiple years of review.

One of the fundamental tenants of a good cryptographic algorithm is that knowing the algorithm gains the attacker nothing. The attacker must still have to brute force the search instead of using a flaw in the algorithm as a short-cut to finding the answer. Also, the algorithm should be totally and completely public, so that the entire world of cryptographers can analyze it and see if it has a vulnerability that would enable a short-cut. Security through obscurity is an anathema to cryptographers and security professionals, because that usually means half-baked ideas that utterly and completely fail when exposed to the world.

Besides, using a public algorithm gives the attacker nothing but the ability to use an off-the-shelf tool instead of a custom tool. As jchef already pointed out, if they broke into the system far enough to get the password database (usually one of the highest secured files in the system), they could just take your custom tool to reverse engineering and/or use. And as malware like the Zeus family shows, these crime rings have more than enough programmers in their employ to have them make custom tools.
User avatar
LadyGeek
Site Admin
Posts: 95696
Joined: Sat Dec 20, 2008 4:34 pm
Location: Philadelphia
Contact:

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by LadyGeek »

To Mudpuppy's point, throw enough resources at a problem and it will be cracked. The premise also works for the good guys: Cryptolocker victims to get files back for free

How did they crack it so quickly? They got a copy of the Cryptolocker database.
Wiki To some, the glass is half full. To others, the glass is half empty. To an engineer, it's twice the size it needs to be.
bberris
Posts: 2420
Joined: Sun Feb 20, 2011 8:44 am

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by bberris »

Ged wrote:One of the problems with this is that Hold Security is not notifying sites if their credentials are in the database unless they pay a fee. This is really problematical.

http://www.itworld.com/data-protection/ ... heir-heads
I'm always wary of people selling "protection". The NYT has very little skepticism. Did this guy give any evidence at all that what he said was true?
User avatar
zaplunken
Posts: 1368
Joined: Tue Jul 01, 2008 9:07 am

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by zaplunken »

Rob5TCP wrote:This has been the most enlightening post on hashing and salting encryption of passwords.
I knew the terms and I knew they involved encryption, but how they functioned, I was not familiar.

Thanks for a most educational post.
Really! I always follow threads about password security here and I have read all the threads over the past few years. Because of the discussions here 2 years ago I started to use a password safe and very complex userids where possible, passwords and security question answers. I have attempted to understand what a hash, a salt and a rainbow table are but I really didn't understand it until the past 10 or so posts. Now I understand this clearly because this has been so simply explained that it is so easy to grasp! Thank you! :sharebeer
User avatar
BolderBoy
Posts: 6755
Joined: Wed Apr 07, 2010 12:16 pm
Location: Colorado

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by BolderBoy »

And in case some folks missed it, VG bumped up the allowable length of their password field to 20 characters. If there is any *one* password item to change to make a password tougher to break, length is it.

If you're not using a 20ish character PW on VG's site yet, please make a note to change it.
User avatar
Igglesman
Posts: 439
Joined: Fri May 01, 2009 2:20 pm

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Igglesman »

Saw this posted today... with all the discussion on salting and hashing....

http://www.wimp.com/knowpassword/
rkhusky
Posts: 17766
Joined: Thu Aug 18, 2011 8:09 pm

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by rkhusky »

BolderBoy wrote:And in case some folks missed it, VG bumped up the allowable length of their password field to 20 characters. If there is any *one* password item to change to make a password tougher to break, length is it.

If you're not using a 20ish character PW on VG's site yet, please make a note to change it.
This only helps if Vanguard's password file gets stolen. It doesn't really add anything to web login security.
Spiffs
Posts: 224
Joined: Sat Jan 19, 2013 10:33 pm

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Spiffs »

For those who have been enjoying learning about passwords, encryption, and decryption, you also might find these articles enlightening/fascinating (at least, I did!):
"The takeaways are these:

1. You can't use ANY rule to create passwords. Your passwords MUST BE RANDOM.

No rules, no "clever" tweaks, nothing. Random. Anything one human can think of, another can. We're pretty dumb that way. Passwords must be random.

2. You must be ready and able to change any or all passwords at any time. Therefore, coming up with new passwords (random, remember) must be something you can do quickly and correctly even (especially!) when feeling stressed or exhausted.

How do you achieve these things?

First, let go. Realise that professional cryptographers know more about this stuff than you do, so if you disagree with their advice, you're wrong. Then, stop trying to do something that computers are better at than you are, and realise you need to work to your strengths as a human. Then, realise that you can use a computer to do this for you.

(I'm fairly reclusive by modern standards, and I have upwards of 50 passwords. I only remember two of them, though. Most of them I've never even seen.)

Lots of commentators have given you a hint: 'use a password manager.' Bruce Schneier's Password Safe, KeePass2, KeePassX, 1Password, LastPass, others... There are several to choose from. You can wait for the next article on passwords, or you can go ahead now. I chose KeePassX and compatible Android and iOS apps, all using device-local copies of the same password register, helpfully synchronised by DropBox. I'm unlikely to lose all four of my computers at the same time. Even if I do, I can download the list onto replacements.

Get a password manager, and set aside a couple of hours to change your passwords. There's one tiny task to go through first.

Having chosen your password manager, you need to protect access to it. Do what cryptographers do: use a passphrase. That's working to your strengths. Phrases are made of words, and humans are evolved to remember words. Peter Bright pointed out in a comment on the piece about Nathan's password cracking adventures that Randall Munroe's four-word ['Correct Horse Battery Staple'] phrase is not strong enough. But Peter didn't allow for a trivial adjustment. With five words instead of four, Peter's argument is blown out of the water. Five words are, for humans, a LOT easier to remember than 12 random keyboard characters.

But why stop at five? Five is only just good enough, and words are what people are good at: they're your strength. Go large: use seven words.

Passphrases with seven RANDOMLY chosen words (from a large-enough list) should be infeasible to decrypt for the foreseeable future, allowing for double the current rate of growth in hardware and software capabilities. Not my opinion, that of the professionals.

Seven words are easy to remember... You won't forget it -- in fact, the odds are good you'll remember a seven-word phrase the next day, even if you just read it once after generating it. How do you generate a RANDOM sequence of words? Here's the cryptic hint dropped by other commenters: diceware.

Diceware? They mean, 'go to diceware.com, and follow the instructions there for generating a passphrase.' Diceware's method is as valid now as it was in 1996. (If you're a coder, you can cobble up something that uses a large word list and the computer's cryptographically safe source of randomness -- in python, random.SystemRandom() -- but why not take the chance to get away from the keyboard for a while?)

Those takeaways again: for passwords, clever is stupid. The only thing that works is random. Humans can't do random, but computers can. Use a computer, a secure password manager, to manage your passwords. Use a cryptographer-approved method of generating the one passphrase that you need to remember -- a method that works to your strengths as a human."
HoosierJim
Posts: 987
Joined: Wed Mar 24, 2010 7:11 pm

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by HoosierJim »

Because I am in the accumulation phase, I add money to my brokerage account once or twice a year and rebalance annually. To add money to the account it's either a check or ACH. So actual buying/selling transactions occur only a handful of times per year.

So most of the time, I need a "read-only" password that let's me check balances & performance but wouldn't allow buying/selling transactions.

Would there be added security if I could "unlock" the account for buying/selling with another password? This would be like a credit agency "freeze" that prevents others from taking out additional credit in my name. In this case, there would be two hurdles - the initial read only password and the subsequent trading password.

Would we be more secure?
goaties
Posts: 542
Joined: Fri Jan 29, 2010 3:15 pm

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by goaties »

In the above article, one of the crackers notes that he goes to the website, finds out what the max length for a password is, and uses that to limit his search. This is done to crack some of the more difficult passwords. So, the question becomes, should you make your randomly-generated password something less than the max allowed length? After all, for limiting the size of the search space, max allowed length is a very useful piece of info, isn't it?
TDAlmighty
Posts: 171
Joined: Fri Dec 06, 2013 12:01 pm

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by TDAlmighty »

Call_Me_Op wrote:
Leesbro63 wrote:This has been discussed before but again I want to be sure: OK, so someone cracks my Vanguard (or Fidelity etc) password. Then what? Yeah, they could "sell" a highly appreciated security, incurring big capital gains taxes and create other havoc. But the real risk is that the money gets wired to Latvia. Can that happen? Doesn't Vanguard limit transfers out to accounts that have been preapproved? And wouldn't an email alert be generated?

How great is the REAL risk of a criminal actually getting the money?
They could potentially redirect email alerts to a new email account, add a new bank routing number to your account and then wire money to that bank account.

Now, I have to believe it is not as simple as the example above. Presumably, you would receive an email alert that your email account has been changed. But if you didn't see it in time, there could be a problem.
Or they could simply hack your email account first and then use your past emails to figure out where you have accounts. Often times people use the same userid for their email as their banking/brokerage accounts. Sometimes it is as easy as using the "forgot my password" function to have the site send a temporary password to the hacked email. Or they can use variations of your email password that they previously hacked.

Protect your email account as much as possible.
Jeff Albertson
Posts: 904
Joined: Sat Apr 06, 2013 7:11 pm
Location: Springfield

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Jeff Albertson »

Hastibe wrote:For those who have been enjoying learning about passwords, encryption, and decryption, you also might find these articles enlightening/fascinating (at least, I did!):
thanks Hastibe!
User avatar
Steelersfan
Posts: 4129
Joined: Thu Jun 19, 2008 8:47 pm

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Steelersfan »

Hastibe wrote:For those who have been enjoying learning about passwords, encryption, and decryption, you also might find these articles enlightening/fascinating (at least, I did!):
As one who's already learned a lot from this discussion, I thought the middle article was especially good:

http://arstechnica.com/security/2013/05 ... passwords/
User avatar
Epsilon Delta
Posts: 8090
Joined: Thu Apr 28, 2011 7:00 pm

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Epsilon Delta »

goaties wrote: This is done to crack some of the more difficult passwords. So, the question becomes, should you make your randomly-generated password something less than the max allowed length? After all, for limiting the size of the search space, max allowed length is a very useful piece of info, isn't it?
There aren't very many shorter passwords. For example with the 95 printable characters there are 3.5E39 twenty character possibilities and only 3.8E37 shorter ones (0 - 19 characters). The short passwords are about 1% (just over 1/95) of the possible password space. A cracking scheme against long passwords will almost always capture shorter ones first, since people using short passwords will be more than 1% of the potential victims. So it's better to use the full length available.
Barefootgirl
Posts: 2519
Joined: Tue Oct 06, 2009 7:05 pm

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by Barefootgirl »

Looking for what I should do going forward - is MudPuppy's (thank you MP) guidance (or similar strategies), the consensus?

Just give up on memorizing a ton of passwords. Make a few really good (at least 24 characters, more is better) master passwords using some technique like DiceWords, pronounceable passwords, etc. and use a password locker program to remember individual site passwords. Have separate lockers for separate tasks (e.g. one for financial/retirement accounts, one for social media/forums, one for work, etc).

BFG

PS - I work for a govt agency - we received an alert regarding this recent breach and it was written in a way as to stand out from the typical notices - FWIW.
How many retired people does it take to screw in a lightbulb? Only one, but he takes all day.
User avatar
zaplunken
Posts: 1368
Joined: Tue Jul 01, 2008 9:07 am

Re: "Russan Gang Amasses Over A Billion Stolen Passwords"

Post by zaplunken »

In your personal life (not the govt job) I'd ask how many sites are important to you. If it is 1 then memorize a good strong userid and password. I suspect it is a lot more than 1 so IMO you need to use a password safe. There are many, I use KeePass and find it suits my needs.
Post Reply