An Independent Group Has Proven That The Passwords On The Ashley Madison Website Were Easy To Decrypt
Darlene Tverdohleb | | Sep 14, 2015 04:11 AM EDT |
(Photo : Getty Images/Sean Gallup) The Ashley Madison site has achieved popularity and notoriety at the same time because of the hackers team who revealed the seemingly scandalous service that it provides and its faulty security.
When the news about the massive Ashley Madison made the headlines for the first time the only tiny bright spot was the declaration of the security experts that the company appeared to use a strong algorithm to encrypt passwords of the dating site members. However, now, one group declared that it was already able to decode more than 11 million passwords. It seems that the encryption applied has programming errors that left the data less secure than originally thought.
Like Us on Facebook
The Ashley Madison hacking saga keeps unfolding. Now, another lesson can be learned from the data breach into the cheating website. And this is a lesson that should be learned not just by the affected members of the extra-marital affairs dating site, but by all users of the Internet as well.
Members of various online websites that have log-in accounts need be pairing their unique usernames with much stronger passwords than they use to do it at the moment. The Ashley Madison scandal has proved that weak passwords are prone to being hacked, and this kind of issue can lead to stress or embarrassment to the user.
An amateur password cracking team called CynoSure Prime has revelead that the user passwords on the dating site Ashley Madison were very easy to decrypt, according to Ars Technica. The team was able to crack over a period of just 10 days around 11.7 million encrypted passwords. For their experiment the members of the cracking team have used data that was extracted and released from Ashley Madison.
Considering that the passwords of Ashley Madison user accounts were encrypted with a very slow and demanding algorithm called bcrypt, the group's achievement was surprising for many security experts.
Before the achievement of the hobbyist password-cracking team, other security experts used to believe that it would take centuries to crack all 36 million Ashley Madison passwords that are using the bcrypt algorithm.
The CynoSure Prime group has discovered some errors in programming, fact that makes around 15 million passwords much faster and easier to crack. The group already released the top passwords from the 11.7 million which have been already cracked and only the remaining of 3.7 million passwords have not yet been deciphered.
The top five passwords were revealed to be, according to Ars Technica, password, DEFAULT, 123456, 12345 and 123456789. It was shown that most of the users of the Ashley Madison dating site were following a trend of utilizing very weak passwords for protecting their online accounts. Previously, other hacking operations across various websites have shown similar weak passwords.
On Ashley Madison website there were a total of 120,511 cases of the password 123456. According to some surveys, as reported by The Washington Post, in the last two years this is the most popular password uncovered in data breaches. Another very common occurrence is the password DEFAULT, which, however, may not be from real members of the site, according to some rumors that many accounts on Ashley Madison were fake sign-ups.
TagsAshley Madison, Ashley Madison hack, Ashley Madison leak, Ashley Madison passwords, Ashley Madison hackers
©2015 Chinatopix All rights reserved. Do not reproduce without permission
EDITOR'S PICKS
-
Did the Trump administration just announce plans for a trade war with ‘hostile’ China and Russia?
-
US Senate passes Taiwan travel bill slammed by China
-
As Yan Sihong’s family grieves, here are other Chinese students who went missing abroad. Some have never been found
-
Beijing blasts Western critics who ‘smear China’ with the term sharp power
-
China Envoy Seeks to Defuse Tensions With U.S. as a Trade War Brews
-
Singapore's Deputy PM Provides Bitcoin Vote of Confidence Amid China's Blanket Bans
-
China warns investors over risks in overseas virtual currency trading
-
Chinese government most trustworthy: survey
-
Kashima Antlers On Course For Back-To-Back Titles
MOST POPULAR
LATEST NEWS
Zhou Yongkang: China's Former Security Chief Sentenced to Life in Prison
China's former Chief of the Ministry of Public Security, Zhou Yongkang, has been given a life sentence after he was found guilty of abusing his office, bribery and deliberately ... Full Article
TRENDING STORY
-
China Pork Prices Expected to Stabilize As The Supplies Recover
-
Elephone P9000 Smartphone is now on Sale on Amazon India
-
There's a Big Chance Cliffhangers Won't Still Be Resolved When Grey's Anatomy Season 13 Returns
-
Supreme Court Ruled on Samsung vs Apple Dispute for Patent Infringement
-
Microsoft Surface Pro 5 Rumors and Release Date: What is the Latest?