User passwords are thin like paper-it's not because it's long and it's safe, it's because no one misses you.

Now all the hackers in the world to guess the password, will try the "Horse Battery Book Nail" (correcthorsebatterystaple) this password. Perhaps each netizen has read the question picture and this sentence, will be a little Meng. In fact, "the Horse Battery book Nail" from XFCD published cartoons named "Password intensity" ...

But...... The cartoons clearly underestimate the strength of hackers: this week, Ars invited three hackers to crack the 16,000-odd password success rate of 90%!

Hackers tell you that your password is not safe because it is smelly and long, but because no one cares about you, so it's safe for the time being.

March, blog author Nate Anderson, download a side of the Bauku password table, containing more than 16,000 hash of the real password, after Baidu know a simple training, the result only spent about 3 eggs can be fried kung fu, cracked half of the password. This gives everyone a wake-up call: If a user without any training can reach this level, think about how much noise a professional hacker can make.

Do not have the brain to make up, we invited three professional hackers, using all the tricks to crack Anderson practiced of the cipher table, launched the ultimate PK. You'll see how a long password, including numbers, case, and punctuation, is quickly broken.

There are a total of 16,449 hash (MD5) passwords in this list. Any responsible website, will not be stored in plaintext password information, but with MD5 encryption, this encryption process is irreversible, that is, even if you get MD5 ciphertext, it is not possible to directly "reverse" the original. For example, "passwd" was hashed, ciphertext is "5f4dcc3b5aa765d61d8327deb882cf99".

Although Anderson's 47% crack rate has been very good, but for professional hackers, still not mentioning. In order to prove this, we invite them to demonstrate, to be honest, they did not let us down. Even one of the worst performers in three-he spent one hours with the weakest hardware, with the smallest dictionary, an interview in the middle, and a 62% password, and the best score was 90%.

The three-person hacker team includes a password-cracking software expert, a security advisor, and an anonymous freelance hacker. One of the most popular hackers came from S.C.G., using a home computer with a single AMD 7970 GPU, it took 20 hours to crack 90%, a total of 14,734 passwords. Free GPU password cracking software oclhashcat-plus (to participate in the test hackers are using this software) development leader, Jens Steube also made good achievements, he in one hours, with a dual AMD 6690 GPU machine, got it 13,486 passwords, accounting for all 82%! Another nickname moniker Radix Hacker, with a piece of AMD 7970, to fix 62% password, also spent almost 1 hours, if not disturbed by us to interview, he should be able to achieve better results.

In the dictionary that hackers use to crack passwords, including a lot of password plaintext, these commonly used password character combination, from many large web site user data, including such as "123456", "password" and the like, these are weak-burst passwords, there are slightly better, like "p@$ $word "," 123456789j "," LETMEin3 "and so on are equally fragile. In these dictionaries, you can also find some strong theoretical password, such as "Lol1313le", "1368555av", [Oscar+emmy2] and so on:

The screenshot shows a subset of the password combinations in the hacker's dictionary. Like the hackers in the hands of the hacker's dictionary, there are nearly 100 million kinds of common passwords. But like "Momof3g8kids", "coneyisland9/" such as the password, although not in their dictionaries, as not spared, how they do it? The answer comes from two areas: the Web site failed to protect the user's password MD5 information, and the user did not use strong enough passwords.

"These weak passwords," Radix said, "he is not willing to reveal his real name," that they really do not care about their password security, do not use MD5 encryption, it is not difficult for them.

MD5 algorithm is a fast and simple "message compilation" method, generated by the ciphertext, is also the hacker's favorite object to practiced, a GPU graphics card, can traverse 800 million characters in 1 seconds, compared to see, the encryption process is time-consuming and laborious, such as Apple Mac OS X system, And the SHA512 encryption algorithm used on most unix-based systems, a plaintext password requires 5,000 hashes. This small obstacle also lets a GPU run less than 2,000 times per second, similar to Bcrypt,scrypt, and PDKDF2.

Another loophole is the user himself, choose to remember the word as a password, good remember on behalf of easy to be broken, such as "momof3g8kids" look good remember and difficult to guess, but in fact, "Mom", "kids" are every hacker hand must crack vocabulary. More and more tough hardware and software, so that hackers can easily continue to try the various combinations of these words, unless the user carefully designed, otherwise good password is the right hacker to do.

And it must be pointed out that the three hackers did not know which website the password form came from, which is tantamount to blocking one of their skills. Generally, when you get a hash of the password table, their first step is to "go to the site and see their password setting requirements and intensity," Radix said, "If hackers know the site's password strength and other conventions, this greatly reduces their work intensity, so that hackers can be targeted to take the strategy of cracking."

To elaborate on how they cracked strong passwords, it would take a comparative analysis of the methods and strategies of their three people, because their hardware and methods are not the same, and can not say which person's level is higher, for example, this is a game clearance, then a set than a difficult, first-round crack, generally can handle 50% of them Password, the success rate of the latter is less than ever, to the final stage, they can only rely on luck, get hundreds of password plaintext.

For example, in the first stage of Goseney's hands, it took only 16 minutes to kill 10,233 hash cipher, which is 62%. He started with a 6-digit password, and used brute force to deal with the 1~6 password combination of 95 characters, including 26 lowercase, 26 uppercase, 10 digits, 33 symbols. After guessing a round of such permutations (956 + 955 + 954 + 953 + 952+95), it took only 2 minutes and 32 seconds to get the correct results.

When the password is longer than 6 digits, Gosney begins to change its strategy and use a carefully selected dictionary for exhaustive. Because as the length of the password increases, the character combination exponentially several levels of growth. 1 hours can handle all 6-bit passwords, but traversing longer passwords can take weeks or even years. So, for the brute-force approach, there is a way to say: "Length firewall":

Brute force is a good way to deal with the 6-digit password, but for more than 8 passwords, there's nothing you can do to run Amazon's EC2 cloud.

Hackers certainly do not go a way to the black, Gosney the next step of violence will only be targeted at the 7~8 bit, all lowercase letters. This will greatly reduce the time required for poor, but also a lot of harvest, successfully cracked 1,618 passwords. Then he went on to try 7~8, and got 708 results. Because their permutations and combinations are 268+267, each step is only 41 seconds. Finally, he tried all by the digital composition length from the 1~12 bit, getting 312 passwords, taking 3 minutes and 21 seconds.

Used up the above entry level brute force, hackers Gosney this just began to open posture, take out their painstaking work for many years of "dictionary", through the Hashcat software built in the "best64" rule (a cryptographic statistics based on the crack behavior pattern), he can in 9 minutes 04 seconds, ran 6, 228 hash ciphertext, and then he used the previous step to crack the resulting all plaintext password, through another group called "d3ad0ne" rule filter to get "character combination feature", let him in a second, and got 51 password plaintext.

"Under normal circumstances, I first use the brute force to raise the method, completes the 1~6 bit the password to crack, because is a single GPU, also can almost instantaneous completes uses the MD5 encrypted password". Gosney explained in the email:

Because this step can be completed quickly, my dictionary is almost 6-digit password combination. This allows me to save a lot of disk space, but also can take advantage of the GPU's brute force, I later use the dictionary to crack the speed. The same is true for digital combinations, I can quickly crack a pure digital password, so there is no digital password in my dictionary, then my dictionary file +bast64 rules file. Our aim is to first pick the soft persimmon pinch.

Starting with a simple password is particularly useful for passwords that are "salt-laced" (cryptographic salt). "Salt" is used to deal with hackers "rainbow table" (a clear text and ciphertext corresponding to the table) and similar dictionary technology, salt is in the user's password, plus random characters, and then hash of the technology. In addition to defending the Rainbow table, salt-blending slows down the brute-force method of cracking.

But the key to "salt mixing" is that only when mixed with different salts (characters) can significantly slow down the speed of cracking. This means that the effect of adding salt will gradually decrease with the crack. Hackers can gradually eliminate the interference of salt by breaking the result of a simple cipher. Of course, this PK activity uses the password not to be mixed salt.

After the first round of Cuikulaxiu, 10,233 hash ciphertext has been broken, into the second phase, hackers began to use "mixed cracking strategy." As with the previous analogy of the game clearance, as the difficulty increases, the second phase of the time will be greatly increased, and the outcome will be reduced, to be exact, only 2,702 password break, time consuming 5 hours and 12 minutes.

The same as the name of "mixed crack", combined with brute force and dictionary crack two ways, which greatly expand the dictionary covered by the combination of categories, and the number of combinations to control the acceptable range. In the first round, the hacker, after all the dictionary entries, plus two random characters including symbols and numbers, has cracked 585 passwords in 11 minutes and 25 seconds. The second round, plus 3 random characters, take 58 minutes, get 527 results, the third round of persistent, plus four random numbers, 25 minutes to get 435 password plaintext, the fourth round, plus four random characters including a number and three lowercase letters, and then scored 451 password plaintext.

In the face of considerable results, gosney that it was only a result of a GPU card.

"You notice we've only added a random character of 2~3 length, but to 4 lengths, we can only use numbers, because only 1 graphics GPU, want to run the + 4-bit random characters and the combination of numbers will take a long time, so I can only give up." ”

There is no doubt that the Gosney, who has been using this 25GPU Firefight Monster machine for a longer password, revealed the "Radium Pool" machine last October:

Because the parallel computing power of the GPU grows linearly with the increase in the unit of operation, this allows Gosney to make good use of these resources, allowing him to get 35 billion times per second to challenge Microsoft's NTLM encryption algorithm. Next page