Chances are you need to change your password. No matter how long it is.

Over the weekend, the free password cracking and recovery tool oclHashcat-plus released a new version, 0.15, that can handle passwords up to 55 characters. It works by guessing a lot of common letter combinations. A lot. Really really fast.

Other long-string password-crackers exist, such as Hashcat and oclHashcat-lite, though they take a great deal more time to cycle through. This improvement runs at 8 million guesses per second while also allowing users to cut down the number of guesses required by shaping their attacks based on the password-construction protocol followed by a company or group.

A combination of increasing awareness of official scrutiny, such as the NSA leaks, growing instances of hacking of all kinds and leaked password lists, has inspired users to radically lengthen their passwords and use passphrases instead.

As Dan Goodin noted in Ars Technica, “Crackers have responded by expanding the dictionaries they maintain to include phrases and word combinations found in the Bible, common literature, and in online discussions.”

One security researcher cracked the passphrase “Ph’nglui mglw’nafh Cthulhu R’lyeh wgah’nagl fhtagn1,” a phrase from an H.P. Lovecraft horror story. It was less impossible than it was super easy, crackable in minutes, because it was in an easily available hacker word list.

The release notes state that the ability to target increased character counts was their most requested change in a development process which took the team six months, who modified 618,473 lines of source code, more than half the code in the product.

(by Curt Hopkins)


Share/Bookmark

Notes

  1. crimsonscorpion reblogged this from sunandcolor
  2. sunandcolor reblogged this from sarahjhuynh
  3. sarahjhuynh reblogged this from rubato
  4. shorlixa reblogged this from rubato
  5. bashfulgengar reblogged this from cystine
  6. stuffchienlikes reblogged this from rubato
  7. the-top-step-of-infinity reblogged this from rubato
  8. sting-raye reblogged this from walidhani
  9. thefaultinoursandwiches reblogged this from samisaywhat
  10. windowsmillenniumedition reblogged this from wintersglory
  11. cystine reblogged this from rubato
  12. ninjedithlord27 reblogged this from rubato
  13. laughingfish reblogged this from walidhani
  14. noelelnoel reblogged this from wintersglory
  15. wintersglory reblogged this from greezymcgee
  16. greezymcgee reblogged this from samisaywhat
  17. yaddledee reblogged this from rubato
  18. allcapsmcferguson reblogged this from samisaywhat
  19. samisaywhat reblogged this from aussiekat
  20. rabbityshen reblogged this from rubato