I've never been a fan of password hints, but I'll admit it had never occurred to me that they could be used this way. This is yet another reason to use an algorithm like bcrypt that will generate different hashes for the same password.
I'm also amazed people put such obvious password hints, and some even had their exact password as the hint.
> I'm also amazed people put such obvious password hints, and some even had their exact password as the hint.
This password protects something I doubt many people consider something that needs to be very secure. Why, therefore, should they use a complex password, or even feel the need to have a password at all? The risks associated with someone "hacking" your Adobe.com account are going to mostly seem like problems for Adobe, not problems for the user (and even the problems for Adobe are fairly dubious). Meanwhile, it is something you are pretty much never going to log in to.
It's like having a filing cabinet at your office that contains nothing but blank paper for the copy machine requiring a ten digit passcode. As the employee assigned a passcode for this cabinet, you are not going to consider the paper very valuable and you are hardly ever going to need to get into the cabinet to get that paper... why would you /not/ end up scrawling your passcode onto a post-it note somewhere (potentially even hiding it near the cabinet).
To get people to care about security you need to get them to care about the information being secured. In this case, I can't imagine most people would understand that anything in this account is valuable. Even to a more-trained-than-normal eye, it isn't 100% clear to me: you can read my tech support history (which might tell you more about myself or my work) and you can get my saved billing address (it does not save actual account information). My address (not everyone's, just mine) is already public record.
Really, the biggest concern is just that someone is going to change the e-mail address on my account and lock me out of it, preventing me from downloading licenses. I doubt your average normal user is going to even realize that changing the e-mail address on their account is possible, however (given the ways in which developers tend to use e-mail addresses and usernames interchangeably, I don't even blame them: this is a confusing concept and not every site provides the same functionality anyway).
A basic salted hash would prevent this sort of thing (not saying that bcrypt/etc. aren't worth using).
As to people using obvious password hints, it depends how much you care about the account - I don't use hints anywhere, but there's plenty of accounts I have where I really wouldn't care if anyone logged into it, so if I was someone who needed hints, then sure why not?
In the screenshot, no one is using the exact password as their reminder, presumably because it isn't allowed. The reminders include 12345, 1234567, 123456789, 654321 and 1to6. The author concludes that the password is 123456.
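An added worked example of the attack the comment above and the article describe (my code, not the article's or any commenter's): in an unsalted ECB dump, users with the same ciphertext chose the same password, and users whose first 8-byte ciphertext block matches share the first 8 bytes of plaintext, so their hints can be pooled and read side by side like crossword clues. The record layout `userid-|--|-email-|-base64(ciphertext)-|-hint|--` is my approximation of the leaked file, and the records and ciphertext values are constructed.

```python
"""Pool password hints across users whose unsalted ECB ciphertexts match.
Added example with constructed records; not the real dump or the article's code."""
import base64
from collections import defaultdict

BLOCK = 8  # 3DES block size; ECB leaks plaintext equality one block at a time

# Constructed records: (userid, email, ciphertext as hex, hint). The hex values are
# invented and only model the ECB property: equal plaintexts give equal ciphertexts
# (1001-1004 and 1006-1007) and equal first 8 plaintext bytes give an equal
# first ciphertext block (1008 shares its first block with 1006-1007).
RECORDS = [
    (1001, "alice@example.com", "110edf2294fb8bf4", "12345"),
    (1002, "bob@example.com", "110edf2294fb8bf4", "1234567"),
    (1003, "carol@example.com", "110edf2294fb8bf4", "1to6"),
    (1004, "dave@example.com", "110edf2294fb8bf4", ""),
    (1005, "erin@example.com", "5c1a9e7700c3b2d1", "birthday"),
    (1006, "frank@example.com", "8fda7e1f0b56593f3a68c8e06452f362", "favourite band"),
    (1007, "grace@example.com", "8fda7e1f0b56593f3a68c8e06452f362", "offspring"),
    (1008, "henry@example.com", "8fda7e1f0b56593f0102030405060708", "band plus 99"),
]


def build_dump(records):
    """Render records in the assumed layout of the leaked file:
    userid-|--|-email-|-base64(ciphertext)-|-hint|--  (one record per line)."""
    lines = []
    for uid, email, ct_hex, hint in records:
        ct_b64 = base64.b64encode(bytes.fromhex(ct_hex)).decode()
        lines.append(f"{uid}-|--|-{email}-|-{ct_b64}-|-{hint}|--")
    return "\n".join(lines) + "\n"


def parse_dump(text):
    """Yield (userid, email, ciphertext bytes, hint) for each well-formed line."""
    for line in text.splitlines():
        line = line.strip()
        if line.endswith("|--"):
            line = line[:-3]
        fields = line.split("-|-")
        if len(fields) != 5:  # userid, empty column, email, ciphertext, hint
            continue
        uid, _, email, ct_b64, hint = fields
        yield int(uid), email, base64.b64decode(ct_b64), hint


def hint_crossword(records, by_first_block=False, min_size=2):
    """Group users by full ciphertext (same password) or by first ciphertext
    block (same first 8 plaintext bytes) and return, per group with at least
    min_size members, the non-empty hints an analyst would read side by side."""
    groups = defaultdict(list)
    for uid, _email, ct, hint in records:
        key = ct[:BLOCK] if by_first_block else ct
        groups[key].append((uid, hint))
    return {
        key.hex(): [hint for _uid, hint in members if hint]
        for key, members in groups.items()
        if len(members) >= min_size
    }


def crossword_from_text(text, by_first_block=False):
    """Convenience wrapper: dump text in, {ciphertext hex: [hints]} out."""
    return hint_crossword(list(parse_dump(text)), by_first_block)


if __name__ == "__main__":
    dump = build_dump(RECORDS)
    for key, hints in crossword_from_text(dump).items():
        print(f"same ciphertext {key}: hints {hints}")
    for key, hints in crossword_from_text(dump, by_first_block=True).items():
        print(f"same first block {key}: hints {hints}")
```

On the constructed data the first grouping pools "12345", "1234567" and "1to6" for one ciphertext, which is enough to guess 123456 for all four users (including dave, who left no hint), and the first-block grouping pulls henry in with frank and grace even though his full ciphertext differs. Any per-user salt, or a randomised scheme like bcrypt, breaks both groupings because equal passwords no longer produce equal stored values.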
Hints are a really bad idea. I used to add that feature, but after seeing what people enter there I've removed it from all projects. Even without someone dumping your DB, people are usually too descriptive, or they use some data they think is private but that is actually easy to get with a little research and social engineering. I remember one guy's hint was "The best car ever", and you could easily find that he'd posted tons of pictures of his new BMW on Facebook... of course, the password was bmwrulez; it took me like 10 minutes to figure it out without any cracker app...
This is an interesting attack that uses other people's password hints to match a hashed password. However, it seems unlikely that Edward Snowden would use such a weak password to protect any resource that he considered sensitive.
Please use a randomly generated password that is as long and complex as the site you're using will allow, stored in a password safe.
I don't trust third parties to securely store my passwords. The problem with randomly generated passwords is that they are hard (impossible?) to memorize. Password squares help there, because they allow you to visually memorize the password by using a path inside a random character grid.
I recently created a website that generates a random 'password square'. It should display nicely on latest browsers (which support flexbox). You can optionally supply a seed if you want to reuse the same path but have it yield a different password.
I've been using PwdHash[0] for a few years now. It is basically a system for generating a password using your input hashed and salted with the domain name of the site. This takes the security of the password itself out of the hands of the site and allows for some password reuse. There are also browser extensions available which make it easy to use.
Regarding your last point, and as pure conjecture, it depends on how old the password is. When I was a student signing up for trial software etc. I often thought such things like "No one will ever guess 'offspring' as my password, that band is so obscure!"
On the other front, these passwords are all encrypted (not hashed) using 3DES in ECB mode.
Something encrypted with (single) DES could be broken within 7 days about 2 years ago by some bespoke hardware.
If Adobe have been using the same key for each part of the triple DES key then you can assume that bespoke hardware of several years ago could get the key within 3 weeks (3DES being ~3 times the work of single DES). With advances in technology this is probably down to less than a week.
Let's just hope that they used a full 168-bit key, rather than repeating the single 56-bit key, and that it never gets leaked.
> ... could get the key within 3 weeks (3DES being ~3 times the work of single DES).
Absolutely not! Tripling the key length does not just triple the strength... Against brute force, every extra bit will force you to invest twice the time. Though 3DES only provides effective security equivalent to 112 bits even with the strongest keying option, due to an attack on it (instead of 168 bits), it's still probably infeasible to brute force currently: the factor between brute forcing DES and 3DES is about 2^56 = 7*10^16 (that's a big number!), not 3 as you seem to believe.
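To make the reply above concrete (why the gap is about 2^56 and not 3, and why three independent keys buy about 2^112 rather than 2^168), here is the meet-in-the-middle attack on double encryption, run against a toy 16-bit cipher. This is an added example with a cipher invented for illustration; it is not DES and not code from the thread. Naively there are 2^32 key pairs to try; building a table of E(k1, P) for every k1 and then matching D(k2, C) against it costs about 2·2^16 cipher operations plus memory for 2^16 entries. The same trade applied to 3DES with three independent keys puts 2^112 (k1, k2) pairs on one side and 2^56 k3 values on the other, which is where the 112-bit figure comes from, and when all three parts of the key are the same the whole thing collapses to single DES.

```python
"""Meet-in-the-middle against double encryption with a toy 16-bit block cipher.
Added example; the cipher is invented for illustration and is not DES."""

ROUNDS = 4
KEYSPACE = 1 << 16  # 16-bit keys, so 2^32 pairs for a naive double-encryption search


def _round_fn(half, key, rnd):
    """Toy 8-bit round function keyed by both key bytes; deliberately weak and small."""
    return (((half ^ (key & 0xFF)) * 0x6D) + (key >> 8) * (rnd + 1) + 0x11 * rnd) & 0xFF


def toy_encrypt(key, block):
    """4-round Feistel network on a 16-bit block split into two bytes."""
    left, right = block >> 8, block & 0xFF
    for rnd in range(ROUNDS):
        left, right = right, left ^ _round_fn(right, key, rnd)
    return (left << 8) | right


def toy_decrypt(key, block):
    """Inverse of toy_encrypt: run the rounds backwards."""
    left, right = block >> 8, block & 0xFF
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _round_fn(left, key, rnd), left
    return (left << 8) | right


def double_encrypt(k1, k2, block):
    return toy_encrypt(k2, toy_encrypt(k1, block))


def meet_in_the_middle(pairs):
    """Recover (k1, k2) from known (plaintext, ciphertext) pairs.

    Builds a table of E(k1, p0) over all k1 (2^16 operations), then for every k2
    looks up D(k2, c0) in it (another 2^16), instead of trying all 2^32 pairs.
    Returns (candidate key pairs, number of table-building and matching operations)."""
    (p0, c0), rest = pairs[0], pairs[1:]
    forward = {}  # E(k1, p0) -> list of k1 producing that middle value
    for k1 in range(KEYSPACE):
        forward.setdefault(toy_encrypt(k1, p0), []).append(k1)
    ops = KEYSPACE
    candidates = []
    for k2 in range(KEYSPACE):
        mid = toy_decrypt(k2, c0)
        ops += 1
        for k1 in forward.get(mid, ()):
            # survivors of the first pair are confirmed against the remaining pairs
            if all(double_encrypt(k1, k2, p) == c for p, c in rest):
                candidates.append((k1, k2))
    return candidates, ops


def demo(k1=0x1234, k2=0xBEEF, plaintexts=(0x0001, 0xABCD, 0x5A5A)):
    """Encrypt a few constructed plaintexts under (k1, k2) and recover the pair."""
    pairs = [(p, double_encrypt(k1, k2, p)) for p in plaintexts]
    found, ops = meet_in_the_middle(pairs)
    return (k1, k2) in found, ops


if __name__ == "__main__":
    hit, ops = demo()
    print(f"true key pair recovered: {hit}; cipher operations: {ops} (naive search: {KEYSPACE ** 2})")
```

The work count the function returns is 2·2^16 = 131072 against 2^32 ≈ 4.3 billion for the naive search; that ratio of roughly 2^15 is the toy-sized version of the 2^56 the reply quotes. Memory, not time, is what makes the real attack on 3DES impractical: the table has 2^112 entries.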
Password hints are simply multi-factor passwords with, when used as intended, really crappy entropy and often crappy back-end handling/storage.
If you must suffer them, use random values that you note locally and store safely (just like your password). (Or that you don't store at all, simply foregoing ever being able to use the password hints mechanism.)
And, adjust your level of trust in and comfort with the site, accordingly.
So I was one of the millions affected by Adobe's hack.
Should I be worried, when I canceled my credit card immediately and used a spam address to sign up?
The only details the hackers would have on me would be my name, canceled credit card number, email address (spam email address) and answers to secret questions. Is there anything else I should be concerned about?
You should probably assume that they have your password too. Since Adobe encrypted the passwords instead of hashing them, all of these passwords will be known once the encryption key is discovered. Someone could possibly use the method in the article to guess your password as well.
So if you use the same password on any other websites, better change it.
Only if you use a password which can be obviously 'hinted at', and that's unlikely to be a very good password in the first place. Except, maybe, if it's a password phrase.
MattBearman|12 years ago
saurik|12 years ago
corin_|12 years ago
sitkack|12 years ago
Exactly how Palin's mail was "hacked": dog's name off a Wikipedia page.
bobbyi_settv|12 years ago
C1D|12 years ago
Basically, if someone got the key they could get the passwords to everything, including the FBI agents', and then they could possibly hack their emails.
scottmcleod|12 years ago
ivanhoe|12 years ago
casca|12 years ago
wereHamster|12 years ago
https://caurea.org/passwd/ https://caurea.org/passwd/#seed
The website is intentionally barebones, to allow you to print it out and store it offline.
Periodic|12 years ago
0: https://www.pwdhash.com
unfamiliar|12 years ago
dutchbrit|12 years ago
3rd3|12 years ago
AJ007|12 years ago
a) Don't have an email address with your real name in it.
b) Have several different active email addresses.
c) Never reuse passwords.
d) Only use passwords that are a random string of alphanumeric characters.
e) Never use a hint that actually means anything.
I find it hard to believe that the real Snowden would use a single dictionary word as a password.
senorprogrammer|12 years ago
Young me was much less paranoid than old me.
alexkus|12 years ago
anonymouz|12 years ago
theboss|12 years ago
It is almost certainly not the case that Adobe is using the same key for all 3 operations. It's probably more effort to do anyway.
user24|12 years ago
Userwise salted hashes would defeat this attack though.
frank_boyd|12 years ago
Seriously.
A huge company like Adobe behaving like a beginner in programming?
WTF.
herghost|12 years ago
GoldfishCRM|12 years ago
CurtMonash|12 years ago
Wasn't that already clear due to the threat of dictionary attacks?
pasbesoin|12 years ago
founder4fun|12 years ago
kevjiang|12 years ago
KMag|12 years ago
badinker|12 years ago
http://pastebin.com/iDTFARwq
mcv|12 years ago
Of course this is just an Adobe account. I don't think there's anything of value on there, is there?
oneeyedpigeon|12 years ago
treetrouble|12 years ago
yOutely|12 years ago
EGreg|12 years ago
A unique salt per account (e.g. the username or some string you store alongside the hash)
Key strengthening - run the hash some number of times over 1000, preferably prime
Any kind of cryptographic hash, I think even md5 would be fine if the above are followed
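The recipe above (a salt per account plus a stretched hash) as an added, runnable example; this is my code, not the commenter's, and it uses PBKDF2-HMAC-SHA256 from the Python standard library, which is salted and iterated by construction. The iteration count is simply a cost knob and the 600,000 default is my assumption. It also shows the point made earlier in the thread that per-user salting defeats the hint-matching attack: two accounts with the same password get different stored records, so there is nothing to group.

```python
"""Store passwords as salted, stretched hashes and verify them.
Added example, not code from the thread; standard-library PBKDF2-HMAC-SHA256."""
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumption: tune so one hash costs roughly 100 ms on your servers


def hash_password(password, iterations=ITERATIONS, salt=None):
    """Return 'pbkdf2_sha256$iterations$salt_hex$hash_hex'.

    A fresh 16-byte random salt per account means two users who chose the same
    password get different records, so a dump cannot be grouped by value."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password, stored):
    """Recompute with the stored salt and iteration count; compare in constant time."""
    algo, iterations, salt_hex, digest_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError(f"unsupported record format: {algo}")
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


def records_differ(password, iterations=ITERATIONS):
    """Hash the same password twice: with per-user salts the records never match,
    which is exactly what the unsalted ECB dump lacked."""
    return hash_password(password, iterations) != hash_password(password, iterations)


if __name__ == "__main__":
    rec = hash_password("123456")
    print(rec)
    print("verify correct:", verify_password("123456", rec))
    print("verify wrong:", verify_password("1234567", rec))
    print("same password, different records:", records_differ("123456"))
```

Storing the iteration count in the record lets you raise the cost later and re-hash users on their next successful login without a migration, and `hmac.compare_digest` avoids leaking how many bytes matched through timing.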
denzil_correa|12 years ago
VMG|12 years ago