ashley madison weak passwords [TechLog360.com]

Trending hacking news that rolling last 2 months was about Ashley Madison hack.Ashley Madison is the one of the popular adult dating website which got hacked by a group of hackers called The Impact Team on July 2015.And millions of accounts were compromised and most people became members of cheating spouse gang.

When data from the massive Ashley Madison hack first leaked online, one tiny bright spot was that researchers said the company appeared to use a strong algorithm to encrypt users’ passwords. But now a group of anonymous crackers now claim that they were able to decipher 11 million passwords  because programming errors in how that encryption was applied left the information less secure than originally thought.

Crackers from CynoSure Prime explained that the strong encryption algorithm the site used to hide user passwords since 2012 wasn’t applied to older passwords which account for about 11 million of 36 million passwords.The flaw allowed the 16-man team to crack open considerably more passwords than cyber security experts managed to do.  Ashley Madison security team used a method that requires a hacker to run 4,096 attempts of hashing for every password before finding a match to it and crack it. With this encryption method, cracking a single password is a slow and painful process with little odds of success.But the CynoSure Prime team found a back door. They identified a variable of the MD5 hash in the code prior to June 2012 when bcrypt was first implemented. That variable used the text version of a user password when generating the encryption code. The flaw allowed crackers to crack 11 million passwords in no time.

Moreover, CynoSure Prime also proved that you do not need expert cracking skills to break into Ashley Madison accounts since users themselves were low on imagination when trying to build a strong password.Crackers reported that Ashley Madison users’ favorite password was ‘123456’ with more than 120,000 users using it, followed by ‘12345,’ ‘password,’ ‘DEFAULT,’ and ‘123456789.’ Other passwords included ‘ashleymadison,’ ‘madison,’ ‘pussy,’ ‘hello,’ ‘monkey,’ ‘cheater,’ ‘superman,’ and ‘iloveyou.’The amzing fact is that ‘123456’ still ranks as the public’s all time favorite password. Moreover, countless data breaches in recent years were reported by users who used this incredibly simple password.

Security experts caution that predictable passwords expose your online accounts to cyber crime like no cracker does. Additionally, it is not recommended to use the same password to multiple accounts. Just think about it. If a cracker learns your master password he or she has access to all your online data and personal files.

Check out weak passwords used by number of users in the list below :

PasswordNumber of users
123456120511
1234548452
password39448
DEFAULT34275
12345678926620
qwerty20778
1234567814172
abc12310869
pussy10683
12345679468
6969698801
ashley8793
fuckme7893
football7872
baseball7710
fuckyou7458
1111117048
12345678906572
ashleymadison6213
password15959
madison5219
asshole5052
superman5023
mustang4865
harley4815
6543214729
1231234612
hello4425
monkey4296
0000004240
hockey4191
letmein4140
111114077
soccer3936
cheater3908
kazuga3871
hunter3869
shadow3831
michael3743
1212123713
6666663704
iloveyou3671
qwertyuiop3599
secret3522
buster3402
horny3389
jordan3368
hosts3295
zxcvbnm3280
asdfghjkl3174
affair3156
dragon3152
9876543123
liverpool3087
bigdick3058
sunshine3058
yankees2995
asdfg2981
freedom2963
batman2935
whatever2882
charlie2860
fuckoff2794
money2686
pepper2656
jessica2648
asdfasdf2617
1qaz2wsx2609
9876543212606
andrew2549
qazwsx2526
dallas2516
555552501
1313132498
abcd12342489
anthony2487
steelers2470
asdfgh2468
jennifer2442
killer2407
cowboys2403
master2395
jordan232390
robert2372
maggie2357
looking2333
thomas2331
george2330
matthew2298
77777772294
amanda2273
summer2263
qwert2263
princess2258
ranger2252
william2245
corvette2237
jackson2227
tigger2224
computer2212

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.