How To Hack Password:


How To Hack Password?
[Haseeb] failed the marshmallow test as a kid. He has no self-control. He wastes a lot of time on reddit. There is a solution to this problem — simply lock yourself out of your account. The process is simple, and all you need to do is change your password to something random, change the recovery email address, and click submit. In the blink of an eye, all your imaginary Internet points vanish.

That’s the one guaranteed way to quit reddit. However, [Haseeb] wanted to hold onto those magic Internet points in the event they become worth something. This led to a far more baroque solution. He found a service that would email him at a later date, send an email to himself containing a random password, and quit reddit temporarily. Until that email was delivered, he was officially off reddit. When that email was received, productivity would stop.

A few years pass, and [Haseeb] had some time to kill at his new job. He decided to scrounge up his old password, only to discover he locked himself out of his Reddit account until 2018. What followed is a security exploit of an ‘email me in the future’ service, and a great example of how much effort one person will commit to a lifetime of instant gratification.

The email service in question is LetterMeLater, a site that will send an email at some arbitrary point in the future. You can hide the body of the email from yourself, making this a fairly good solution for what [Haseeb] is doing. He was still locked out of his email, though, and emailing the people running LetterMeLater seemed absurd. Dopamine is fun, though, and [Haseeb] eventually found a workaround. This site indexes the body of an email for search. This is great, because the body of the email this site would send [Haseeb] in 2018 contained his reddit password and only his reddit password. With a little bit of code, he can perform substring queries on an email he can’t read. Now, extracting the password is simply a first-year CS homework problem.

At this point, the only thing [Haseeb] knows about his password is that it’s a long string of random characters that probably doesn’t include upper-case characters. That’s 26 possible characters, 10 possible numbers, and a character bank that can be determined by searching his email one character at a time. [Haseeb] is essentially playing Hangman against his former self here.

After figuring out an API for LetterMeLater, [Haseeb] whipped up a quick bit of code that finds the password by searching substrings. It’s beautiful and recursive, although he did break it down into finding a suffix of the password then determining the remainder of the password. It took 443 iterations of the code to find the password, and when that was complete he logged into reddit. Math works, although [Haseeb] will have to figure out a way to wean himself off the opiate of the millennials again.
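The leak described above can be reproduced locally to see why a "hidden" field must not stay searchable by substring. This is an added example, not [Haseeb]'s code and not LetterMeLater's API: `HiddenBodyStore`, `recover` and the sample secret are hypothetical names and constructed values, and the hardened mode (exact-match only) is one assumed mitigation.

```python
import string

ALPHABET = string.ascii_lowercase + string.digits  # character bank named in the article


class HiddenBodyStore:
    """Simulated service: the body is hidden from its owner but still searchable."""

    def __init__(self, body, substring_search=True):
        self._body = body
        self._substring_search = substring_search
        self.queries = 0

    def search(self, term):
        self.queries += 1
        if self._substring_search:
            return term in self._body   # weak: every answer leaks one bit of the body
        return term == self._body       # hardened: only a full-value match answers yes


def _grow(store, known, bank, to_right):
    """Extend 'known' one character at a time while the search still matches."""
    extended = True
    while extended:
        extended = False
        for c in bank:
            candidate = known + c if to_right else c + known
            if store.search(candidate):
                known, extended = candidate, True
                break
    return known


def recover(store, alphabet=ALPHABET):
    """Rebuild the hidden body from yes/no search answers alone."""
    bank = [c for c in alphabet if store.search(c)]   # characters that occur at all
    if not bank:
        return ""
    suffix = _grow(store, bank[0], bank, to_right=True)   # stops at the end of the body
    return _grow(store, suffix, bank, to_right=False)     # then walk back to the start


SECRET = "k3q9zt0a7mvx2b"   # constructed sample value, not a real password
weak = HiddenBodyStore(SECRET)
hardened = HiddenBodyStore(SECRET, substring_search=False)
print(recover(weak), weak.queries)                # whole body recovered
print(repr(recover(hardened)), hardened.queries)  # nothing recovered
```

The query count grows with password length times the size of the character bank, so per-account rate limits only slow this down; excluding hidden fields from the search index removes the oracle entirely.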

02
How to hack-proof your passwords
Lower hacking costs. The kind of hardware used to crack passwords has plunged in price. According to Robert Imhoff-Dousharm, information security officer at SanDisk, for $3,000 you can buy a PC with the password-cracking power of the fastest supercomputer in 1994, which cost $30 million then. A PC with that power can be assembled from parts you can buy from a computer retailer, and it can crack any eight-character password in just 23 hours, he says. Have a tighter budget but more time? No problem. An $800 starter version can do it in 40 days.

Better hacking tools. The power of password-cracking tools has surged. The key technology is the same speedy graphics card, also known as a graphics processing unit (GPU), that personal computers use to speed up action games.

The latest GPUs are also ideally suited for password-cracking software, Imhoff-Dousharm explains. "GPU technology has advanced so quickly, and password crackers have taken advantage of it to the point where pretty soon nine characters won't be usable anymore," he says. It's fairly easy to find free software online that can crack passwords. John the Ripper, a popular program available from security expert Alexander Peslyak, is intended for legitimate security testing. And Cain & Abel, offered by security consultant Massimiliano Montoro, is a password-recovery tool. But those programs can also be used for illegal password cracking.

More potential hackers. With hardware so cheap and powerful software readily available, it's no surprise that many people have recently taken to password cracking as a hobby, if not an occupation. According to Imhoff-Dousharm, the size of the online community that exchanges tips about the four most popular cracking utilities and the latest GPUs has skyrocketed from a couple of thousand people three years ago to more than 80,000 today.

There's growing evidence that criminals have begun taking advantage of all those trends in a significant way. Two consumer sites, Gawker.com and Sony Pictures, experienced data breaches in the past year, exposing millions of consumers' passwords to hackers. If those passwords were also used for other accounts, then hackers had access to them, too. In October the FBI arrested a man for hacking into the e-mail accounts of 50 people, including actress Scarlett Johansson and singer Christina Aguilera. He told authorities that he had guessed Johansson's password by mining publicly available data and social networks for personal information about her.

The 2011 Consumer Reports State of the Net survey, published in June, projected that 3.7 million online U.S. households had been notified in the past year by a company, organization, or the government that their personal information had been lost, stolen, or hacked. The same survey also projected that the Facebook log-in information and accounts of almost 1 million members had been used for unauthorized purposes in the past year.

Of course, no matter how secure your passwords, you still have to be vigilant about other ways unauthorized people can gain access to your accounts.

Phishing sites, for example, are fraudulent sites that use official-looking e-mail to lure victims, posing as a bank or other familiar institution. Once you have entered your ID and password or PIN, the phisher can use them to steal from your account. The 2011 Consumer Reports State of the Net survey projected that approximately 6.4 million online users had in the previous year submitted personal information in response to an e-mail linking to such a site.

Then there are keyloggers. That malicious software, which stealthily captures and discloses your keystrokes, can be planted on your computer online if it gets hacked or by someone with physical access to it. Security software might be able to detect a keylogger. Anti-keylogger utilities are also available online, though we haven't tested them. A keylogging device (about the size of a battery) can also be attached to your keyboard's cable.

You still must watch your own practices. If you disclose a password to someone you don't personally know and trust, or if you write it down but don't secure the written version, you have exposed your account to unauthorized access.

03
A record 10 billion passwords were just posted to a popular hacking forum
Why it matters: Experts say passwords cannot guarantee online security, yet they remain the primary pillar of most people's digital protection. That is why the recent posting of a database containing nearly 10 billion unique plaintext passwords has raised alarms in security circles. Here are some tips to determine if your password is among them and how to shore up your defenses.

Last week, a user going by the handle "ObamaCare" posted what cybersecurity experts believe to be the largest compilation of passwords ever posted to a hacking forum. The file, titled rockyou2024.txt, contains 9,948,575,739 unique plaintext passwords. ObamaCare has a history of leaking data, including an employee database from the law firm Simmons & Simmons, a lead from an online casino AskGamblers, and student applications for Rowan College at Burlington County.

"Xmas came early this year," ObamaCare wrote on the forum. "I present to you a new rockyou2024 password list with over 9.9 billion passwords!"

Cybernews determined that these passwords came from old and new data breaches built on a prior "RockYou2021" compilation with 8.4 billion passwords. A net addition of 1.5 billion sets of credentials certainly lessens the dump's impact. However, 1.5 billion is still a massive number of passwords at risk, so experts are correct in warning this database can be a potent tool for hackers.
