 |
  |
 |
Thanks useful information: 10
Threadstarter
It gets worse... http://it.slashdot.org/story/13/11/0...ted-not-hashed
Bottom line the hacked passwords were encrypted not hashed.
Why does that matter?
Brute force attack can unencrypt the passwords giving the hackers the original password in plain text whereas a hashed password is much harder to find the original password.
If you use the same password on multiple sites then the hacker has your password for those other sites.
regards, Kym Gallery Honest & Direct Constructive Critique Appreciated! ©
Digital & film, Bits of glass covering 10mm to 500mm, and other stuff
and in more news from Adobe:
1.9 million people had used '123456' as their Adobe password. Half a million had used 123456789, and an equally idiotic of 350,000 had used 'password'.
If people are silly enough to do this, even I could hack their accounts!
Last edited by ricktas; 09-11-2013 at 5:17pm.
"It is one thing to make a picture of what a person looks like, it is another thing to make a portrait of who they are" - Paul Caponigro
Constructive Critique of my photographs is always appreciated
Nikon, etc!
RICK
My Photography
If that was the case .. the simple passwords used, then the most likely method of password cracking would have been brute force.
So I'd suspect that if a proper Adobe account holder had used a proper password, then brute force attempts at getting into these accounts may have been both slower or even futile.
I'm thinking that if this is the sort of user account that was hacked, that many of those accounts were either dummy accounts(maybe not used or simply just set up because you have too) and so not a major issue for a legitimate account holder to worry too much about.
Of course the database shouldn't have been entered into at all, so major bad on Adobe's part there and inexcusable really.
A recent news item on the topic had it that well over 100 million(150 million?) accounts were hacked too .. not the 1 million, or 38 million previously thought to have been broken into.
Nikon D800E, D300, D70s
{Nikon}; -> 50/1.2 : 500/8 : 105/2.8VR Micro : 180/2.8 ais : 105mm f/1.8 ais : 24mm/2 ais
{Sigma}; ->10-20/4-5.6 : 50/1.4 : 12-24/4.5-5.6II : 150-600mm|S
{Tamron}; -> 17-50/2.8 : 28-75/2.8 : 70-200/2.8 : 300/2.8 SP MF : 24-70/2.8VC
{Yongnuo}; -> YN35/2N : YN50/1.8N
Another bit of information:
The file that was obtained by the hackers was 9.3GB. That is a LOT of user account data.
"If you use the same password on multiple sites then the hacker has your password for those other sites.[/QUOTE]
So then they have to read my mind to guess what other sites I access? I don't think I have much information on any site that it would matter, but we trust these sites we access to have good security. Some are better than others or more importantly perceived by hackers to be a "target" for information.
Cheers Brian.
Canon 7D Kit lenses EFS 18-55 IS EFS 55-250 IS EF28-90 Canon EF 2xll Extender Sigma DG150-500 OS Speedlight 420EX. 580EX
Threadstarter
Not you specifcally, but using the hacked account data to have bulk probe attempts at banking and other sites.Originally Posted by bricat
Turns out that computers are very good at doing the same thing over and over very quickly.
Once the probe software finds lots of accounts then feeds that info back to the crooks when then start ID theft etc.
Posting Permissions
Reply With Quote
