
Ken Thompson's Unix Password - stargrave
https://leahneukirchen.org/blog/archive/2019/10/ken-thompson-s-unix-password.html
======
whalesalad
I remember cracking the password from a Windows system in high school. There
was a centralized login mechanism using Novell but everything was cached
locally. So you could boot a Linux CD and copy the password file to a memory
stick, and crack at home. I think I used lophtcrack? The head admin account
for the entire school district (basically root) had the password “north”. It
took like a fraction of a second to crack. It was so simple that for weeks I
didn’t even believe it to be true, and didn’t realize the name of the account
was an admin.

I was expelled a few months later for all the fun I had after discovering
this. Good times.

~~~
neotek
Our high school network ran on Novell NetWare, but I wasn't anywhere near
smart enough to crack anything so I just wrote a little program in QBASIC that
looked like the NetWare login prompt which rejected all login attempts but
dumped what was entered into a text file, and left it running on one of the
PCs in the computer room. It wasn't even a compiled program, it was just
running inside QBASIC's IDE.

Yet it was running for three days before the admin got around to checking the
machine, and all he did was try to log in, failed, and rebooted the machine —
bringing it back to the real NetWare login screen. I got his password and
pretty much everybody else's too, and to this day, more than 20 years later, I
still use bits of his admin password from time to time when I'm creating
temporary accounts.

~~~
AgentME
This is exactly why some versions of Windows required you to press
ctrl-alt-delete to open the login form. Programs aren't allowed to block
Windows from receiving ctrl-alt-delete, so a fake login program would not be
able to stay on the screen after the user pressed ctrl-alt-delete. (Of course
this only works if the user knows to always hit ctrl-alt-delete when they go
to login. If the user sees an already-open (fake) login screen and does not
hit ctrl-alt-delete, then they're vulnerable.)

~~~
sys_64738
I think ctrl-alt-delete generates a hardware interrupt.

~~~
newscracker
It is not a hardware interrupt in the sense that there's nothing special about
this key combination to generate a specific interrupt. The only related
interrupts are the keyboard interrupts that happen for every keyboard
activity, which the BIOS interprets and takes actions like turning on a key
LED and storing the actions in a memory buffer (this is all in "real mode" on
x86 processors) before that goes further up to the application. Capturing the
keyboard interrupt could allow one to intercept specific keystrokes (like
Ctrl+Alt+Del) before the OS gets it, but that's not possible in the OSes
most people use today (which all run in "protected mode").

------
alpb
Ken Thompson:

> congrats.

[https://inbox.vuxu.org/tuhs/CAG=a+rj8VcXjS-ftaj8P2_duLFSUpmN...](https://inbox.vuxu.org/tuhs/CAG=a+rj8VcXjS-ftaj8P2_duLFSUpmNgB4-dYwnTsY_8g5WdEA@mail.gmail.com/)

~~~
tandav
Offtopic. Many teams use mailing lists. That UX always scared me. Does anybody
know good tutorials on how to get started using this kind of interface?

~~~
rolleiflex
This is a common refrain, mailing lists do need a lot of instructions at the
bottom to make sense — email wasn't made for groups. It's like 'group' SMS,
your phone might provide you with a single chat window with all your friends,
but what it really is doing is just sending a separate SMS to every one of the
recipients.

So you need the 'the manual' attached to every message to make sure people get
it right. Looks downright scary sometimes though, especially the prospect of
getting swiped at by UNIX greybeards if you do it wrong.

Incidentally, I'm working on a modern version of this whole page in a
Reddit-like interface. ([https://aether.app](https://aether.app)) It doesn't
solve all of the pains of listserv, but it does help with most, including
this one you mentioned.

~~~
u801e
> email wasn't made for groups

I've always wondered why people didn't use newsgroups instead of mailing
lists.

~~~
yellowapple
"Any sufficiently complicated group communication system contains an ad-hoc,
informally-specified, bug-ridden, slow implementation of half of Usenet."

~~~
rolleiflex
I wish. Over Microsoft Teams, I would take that any day of the week.

~~~
yellowapple
Like I said: "bug-ridden, slow" :)

------
yjftsjthsd-h
I'm shocked at how well the old hashing stood up; sure, it's totally crackable
today, but a well-picked password _still_ took 4+ days to crack on modern
hardware, which is remarkable. (Granted, it doesn't sound like they did
anything fancy like throwing a hundred cloud instances at it or something; I'm
not saying you should use DES today:) )

~~~
melling
30 years ago I cracked everyone’s Unix password on an old Sun computer.

It didn’t take long because everyone had a password that was in the
dictionary.

Needless to say, people were not happy with the messenger.

~~~
noir_lord
Inherited a system at current (for a few more weeks) employer (recently
written so no excuse) that had used a weak hash for the password, I pointed
out to my boss how bad it was and that it shouldn't have happened, he didn't
pay a great deal of attention.

So I threw the OpenMP variant of John the Ripper at it (I'd just built an
8C/16T Ryzen machine and was curious); it broke ~80% of the passwords in under
an hour and all of them over an afternoon of not being in use.

Went to see the boss and gave him the list of passwords including his (which
was one of the weaker ones) - he gave me the time to fix it and some other
glaring security issues.

The more things change the more they stay the same.

I know enough about security to know that I _really_ don't know about
security.

~~~
autoexec
> I know enough about security to know that I really don't know about
> security.

I'm not sure anyone ever gets past this point. There's way too much for any
person to know and not enough hours in a day or days in a year or years in a
lifetime to master everything. Even when it comes to computers in general at
some level it just becomes magic to me. I might be able to point to a chip and
say "that's the sound chip" or "that's a math co-processor", and even write
software for it, but I have no idea what goes on inside and I wouldn't know
where to even start trying to build one from scratch.

~~~
noir_lord
That’s my feeling as well, I try to follow best practices at the level I work
at and hope everyone on the levels below me did the same.

------
JoeAltmaier
I had a password for an old school system (which I wrote) that was "any 21
characters where the 21st character is a 'z'". People would watch me type it
(mashing 20 keys then the 'z') and be amazed I could remember a password that
long.

~~~
Razengan
Hey that's actually a neat idea! You could expand upon that system by having
it only check the 2nd, 5th, 10th, Nth etc. characters.

So people could type in different gobbledegook each time between the
characters that matter.

To further defeat keyloggers, shoulder snoopers etc., let each valid character
be an option from a set of two or more characters.

So, if my password is: Any 8 characters, but 2nd character must be
A/B/C/x/y/z, and the 6th must be !/@/# then I could type:

    9A4jc@23
    #C(@$!as
    oxo!c#-1

or any other valid combinations to get in.

How much more secure would something like that* generally be compared to
static passwords?

* (Of course this is a simplified example for illustration. In practice you'd use more characters/options.)

~~~
jedberg
> How much more secure would something like that generally be compared to
> static passwords?

It's not secure at all. If someone knows the rules of the system, the entropy
on that is tiny, because it's basically a 2 letter password with only 6/3
options.

The only security would be from the obscurity of the attacker not knowing the
password rules.

~~~
Razengan
> _because it's basically a 2 letter password with only 6/3 options._

That was obviously an oversimplified example to explain the rules.

In practice you could make it as obscure as you want, while keeping it easy
for you to remember.

Like the sentences I just typed here. No limit on the number of characters. I
could enter different long sentences each time, as long as the characters at
specific positions match certain sets.

~~~
jerf
There is no way that "use a (proper) subset of the characters for bits of
entropy" is going to beat "use all the characters for bits of entropy". Almost
by definition, the second is going to have more entropy.

You're not getting anywhere, because people trying to guess your password
don't have to guess your scheme. All you're doing is making it easier for
them. There is no sense in which you are making it harder.

In the optimum case, you'd require them to get the right characters in the
slots you're counting, but to not use the wrong characters in the slots you're
not counting, thus demonstrating that they actually know the scheme in
question and aren't just getting lucky. There would be exactly one character
you'd accept in the slot you're counting, and there would be exactly one
character they could use to indicate they understand your pattern in the slots
you're not counting. This maximizes the chance they have proved to be in
possession of your password, rather than just getting lucky because you didn't
count their misses. This is, of course, simply using a password normally.

------
carlmr
>Since the DES-based crypt(3) algorithm used for these hashes is well known to
be weak (and limited to at most 8 letters)

>ZghOT0eRm4U9s:p/q2-q4!

How is that 8 letters?

~~~
ryanlol
The part before : is the hash, the part after is the cracked 8 character
password.

~~~
larrik
still 13 characters...

edit: LOL, I guess I'm a little dumb today

~~~
progval
"p/q2-q4!" is the password, "ZghOT0eRm4U9s" is the password's hash. "p/q2-q4!"
is 8 characters.

~~~
ct0
Very easy to type as well

------
umanwizard
If anyone is curious, the equivalent in modern notation is “1. d4!”. Moving
the pawn in front of the queen forward by two spaces. The exclamation point
indicates that the annotator believes it to be a particularly strong move
(describing a standard move from opening theory that way is a bit
tongue-in-cheek).

~~~
sanderjd
What does the p/ part mean? My chess experience is all after the popularity
of descriptive notation...

~~~
gatesphere
p/q2-q4!

- p : pawn
- / : at
- q2 : queen's file, rank 2
- \- : moves to
- q4 : queen's file, rank 4
- ! : good move!

~~~
sanderjd
Oh hmm, I didn't realize the notation was _so_ unnecessarily verbose :) Of
course it's a pawn moving from q2 to q4, that's the only thing there at the
beginning of the game!

~~~
draegtun
Actually in descriptive notation the move would have been:

    P-Q4

Ken _padded_ this out to 8 characters.

~~~
sanderjd
That makes way more sense!

------
scardine
Right after finishing Electronics vocational school I spent the next year
working as an intern at Unicamp (Campinas University in Brazil). The job was
at the computer lab of the School of Electrical and Computer Engineering[1].
This was before ethernet (yeah, I'm that old), so dumb terminals were linked to
the CPUs through RS-232 cables - when I was not burning my fingertips
soldering DB-25 connectors I was tinkering with every computer I could get my
hands on.

I saw /etc/passwd and asked my boss how to decrypt the passwords. He told me
it was a one-way encryption, so the login program would just encrypt the
password you provided and compare to the encrypted value. He went on
explaining the old crypt algorithm and even made a bet I could not guess his
password. He said it was related to a movie.

So at 17 I was hooked and started studying the sources. In the end I just
patched and recompiled the passwd binary to store clean text passwords in a
hidden file. Later I learned this was called a trojan horse.

And even now, 30 years later, I remember his face when I told him the movie
was Citizen Kane and his password was "rosebud".

Thank you Miguel and Gorgonio for teaching me about C and Unix! This knowledge
paid my rent for 3 decades and I still love the job.

[1]
[http://www.internationaloffice.unicamp.br/english/teaching/g...](http://www.internationaloffice.unicamp.br/english/teaching/graduate/school-electrical-computer-engineering/)

[2]
[https://en.wikipedia.org/wiki/RS-232](https://en.wikipedia.org/wiki/RS-232)

------
cantrevealname
One lone password from the original list, Bill Joy's password, is still
uncracked as far as I can tell. Bill Joy is the co-founder of Sun
Microsystems, author of vi, and a key developer of BSD UNIX. He apparently
picked the best password.

Here's the /etc/passwd entry:

    bill:.2xvLVqGHJm8M:8:10:& Joy,4156424948:/usr/bill:/bin/csh
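As an added example, not code from the post: a small audit of entries in this seven-field V7/BSD passwd format, which tells apart 13-character DES crypt(3) hashes like the one above, empty password fields (the "root password wasn't set" case that comes up later in the thread) and locked entries, and expands the `&` in the GECOS field. Only the `bill` line is from the post; the other sample lines, the uids and the list of interactive shells are constructed assumptions.

```python
"""Audit legacy /etc/passwd lines of the kind shown in this thread.

Added example, not code from the post. Each line has seven colon-separated
fields: login, password, uid, gid, GECOS, home, shell. The password field is
either empty (login accepts an empty password), a 13-character DES crypt(3)
output (2 salt characters + 11 hash characters from ./0-9A-Za-z), or
something crypt(3) can never produce ('*'), which locks the account.
"""
import re
from dataclasses import dataclass
from typing import List

# crypt(3) DES output: 2 salt chars + 11 hash chars, all from this alphabet
DES_HASH_RE = re.compile(r"^[./0-9A-Za-z]{13}$")

# Assumption: an empty shell field meant /bin/sh on V7; csh was the other
# interactive shell in these BSD files. Anything else is treated as a program.
INTERACTIVE_SHELLS = {"", "/bin/sh", "/bin/csh"}

# Constructed sample: the 'bill' line is the one quoted in the post, the
# others are made up in the same format to cover the remaining cases.
SAMPLE_PASSWD = """\
bill:.2xvLVqGHJm8M:8:10:& Joy,4156424948:/usr/bill:/bin/csh
daemon:*:1:1:The devil himself:/:
finger::10:10:The Finger Program:/:/usr/bin/finger
root::0:0:Charlie &:/:/bin/sh
"""


@dataclass
class Entry:
    login: str
    kind: str      # "des-hash", "no-password" or "locked"
    uid: int
    gecos: str
    shell: str


def classify_password_field(field: str) -> str:
    """Say what the second passwd field means for login(1)."""
    if field == "":
        return "no-password"   # an empty password is accepted
    if DES_HASH_RE.match(field):
        return "des-hash"      # crackable offline, as the article shows
    return "locked"            # '*' or anything crypt(3) cannot output


def expand_gecos(gecos: str, login: str) -> str:
    """'&' in the GECOS field stands for the capitalised login name."""
    return gecos.replace("&", login.capitalize())


def parse_passwd(text: str) -> List[Entry]:
    """Parse passwd lines; raise ValueError on a line without 7 fields."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError("line %d: expected 7 fields, got %d"
                             % (lineno, len(fields)))
        login, pw, uid, _gid, gecos, _home, shell = fields
        entries.append(Entry(login, classify_password_field(pw), int(uid),
                             expand_gecos(gecos, login), shell))
    return entries


def passwordless_logins(entries: List[Entry]) -> List[str]:
    """Accounts anyone can log into: no password and an interactive shell.

    Entries whose shell is a program such as finger are not flagged, because
    the program runs instead of a shell and then exits.
    """
    return [e.login for e in entries
            if e.kind == "no-password" and e.shell in INTERACTIVE_SHELLS]


if __name__ == "__main__":
    for e in parse_passwd(SAMPLE_PASSWD):
        print("%-8s uid=%-3d %-12s %s" % (e.login, e.uid, e.kind, e.gecos))
    print("passwordless interactive logins:",
          passwordless_logins(parse_passwd(SAMPLE_PASSWD)))
```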

~~~
Snawoot
I already checked all passwords made of any printable character up to 7
symbols long. Full 8-symbol bruteforce will take about 120 days on my
hardware, so I prioritized passwords with no special symbols first.

Does anyone with hashcat and GPGPU want to join me?

~~~
Snawoot
Preimage found and about to be disclosed:
[https://inbox.vuxu.org/tuhs/90ffe509-76b5-6629-c55a-7785815f...](https://inbox.vuxu.org/tuhs/90ffe509-76b5-6629-c55a-7785815fda2e@kilonet.net/)

And yes, again it is related to chess.

------
berbec
Interestingly enough, this password does not show up on haveibeenpwnd!

~~~
bitwize
Probably a dearth of chess passwords in their database. Try haveibeenpawnd.

~~~
1-6
Wow, you deserve the comment of the day.

~~~
AnimalMuppet
For that comment, bitwize should be knighted.

~~~
dredmorbius
Or queened!

~~~
quickthrower2
Or at least promoted.

~~~
Noumenon72
Thank you for not suggesting he get rooked.

~~~
philpem
Geez, you should pawn that comment off ;)

------
lolc
This bothers me because I prefer to use slightly embarrassing passphrases. I
do that because it creates a secondary incentive not to disclose them.

~~~
elisto
Does that mean that it is embarrassing and can be tied to you or that it is
just embarrassing to say? If the first, then wouldn't you risk being pwned and
having that used against you?

~~~
mjlee
I worked with someone who had to share a password to solve a major outage.
(Yes, I know...)

It was a rude comment about a colleague.

~~~
lolc
Want better password hygiene in the workplace? Encourage rude passwords!

~~~
a3n
Password rule N+1: "A password must contain at least one word from our list of
banned URLs."

At a former job I could not go to one of global corp Tata sites, because tata.

~~~
philpem
Good luck finding out where Penistone or Scunthorpe are...

------
elahieh
ZghOT0eRm4U9s is actually the newer one; the older one is from 2.9BSD through
to 4.3BSD

[https://www.openwall.com/presentations/Passwords12-The-Futur...](https://www.openwall.com/presentations/Passwords12-The-Future-Of-Hashing/mgp00011.txt)

sq5UDrPlKj1nA

Seeing this news, I guessed this one on my second guess (after trying
p/q2-q4!) - no brute forcing required!

p/k2-k4!

~~~
elahieh
Oops - I have it the wrong way around. 2.9BSD came out after 3BSD.

------
Zanneth
Did anyone bother to ask Ken’s permission first before publishing his password
on the public internet? Based on his reaction he clearly didn’t mind, but
still!

~~~
blub
In my opinion this was a pretty crappy thing to do. Passwords could contain
personal and potentially embarrassing information, even if that wasn't the
case here.

~~~
ben509
Pike was piqued, too.

~~~
emmelaich
Here's his message. Says he knew it already by sitting near Ken.

[https://inbox.vuxu.org/tuhs/CAKzdPgw0Vz8UFbK7c_Jr+RHGMssSxN=...](https://inbox.vuxu.org/tuhs/CAKzdPgw0Vz8UFbK7c_Jr+RHGMssSxN=t8W36J0FMTPt5w+wkgA@mail.gmail.com/)

------
iblaine
This brings back memories of a common exploit w/tftp, such that you could
download an unshadowed /etc/passwd file from a remote machine, decrypt it, log
into that remote system, collect new hosts from /etc/hosts, then rinse and
repeat. Hash rates were pretty slow back then, but the fact that people used
passwds straight out of dictionaries helped, so I'm told...

~~~
wjp3
Better yet, open the /etc/passwd and see the root user's password wasn't
set...

Back in college I ran ToneLoc overnight and would try ftp on the successful
hits. One server didn't have root set, so I telnet'ed, <Enter> when prompted
for the password, and I was in.

I ran 'who', saw a user logged in. Decided to wall them a message of "You
should really set your root password." and logged out.

A couple of days later, I got an email on the trash email account I would use
for ftp logins - dude was super nice but freaked out and wanted to know how I
found his server. I didn't reply.

~~~
nguoi
Do you know the train biscuits story?

[https://www.youtube.com/watch?v=SF2fZ2iOXhk](https://www.youtube.com/watch?v=SF2fZ2iOXhk)

Imagine the anecdote coming from the person you wall'd.

------
dekhn
I deduced my dad's password when I was a middle-schooler. The uni micro had a
teletype and although it did not echo password characters, if you mistyped
your password, it would print the mistyped password, and knowing a bit about
my dad, I could figure out what the correct password was. I logged in and sent
him an email reminding him to use a better password.

~~~
Gunax
That's just a bad system design, not your dad's fault really:

"Your password 'huntet2' is invalid"

unless the password is just random characters, anyone can guess how it was
mistyped.

Hell, even if it _was_ just random characters, one could just assume that it's
one character-off from the real password, and try shifting each character
around.

~~~
jerf
To be precise, in the case of a patterned password (i.e., dictionary word or
something a human can recognize), it leaks all but about 2-3 bits, assuming
the human can work out the most likely mistake as in your example, and we
assume it's a simple error like a nearby key or simple character flip.

If it's a random password, it may still leave 2-3 bits per character as it
becomes much harder to know where the error is (e.g., if "j9^vl4JO" is wrong,
what is the correct password?), but if you have your hands on two independent
errors, which is reasonably likely, that pretty much collapses to 1-2 bits
tops even in the random case (e.g., if you also have "k9^vl4JP" that pretty
much nails it down to either the first and last being "j P" or "k O").

It is a truly terrible idea!

~~~
xoa
> _e.g., if "j9^vl4JO" is wrong, what is the correct password?_

Shouldn't that remain utterly trivial to brute though? If we're assuming all
the standard face keys+shifted, I think that's 94 characters. If it's fully
unknown then search space is 94^8 or about 6E15, not good but if it's an
adaptive hash sizable. But if it's only a one character error, wouldn't you
just brute through each of the 8 one by one with only 94 each? That'd reduce
it to just 752 possibilities at worst which is so low someone determined could
even do it by hand, even ignoring any obvious psychology like the likelihood
that the special character isn't the mistake and probably the only special
character too.

Certainly not quibbling that it's an awful idea. I don't even like "password
hints" so many systems still seem to have, they should be random!

~~~
perl4ever
You don't think the special character could be a mistake?

Seems plausible the correct password might be j(6vl4JO...

~~~
xoa
> _You don't think the special character could be a mistake?_

Not that it makes any real difference here with such a small search space, but
in this scenario (known typo, information revealed) it's less likely.
Remember, we're considering a human typing something out on a keyboard, so the
probabilities aren't fully random. If we're trying to use probabilities to cut
down the search space further, a caret character requires shifting well away
from the home row (shift-6 US standard qwerty) so it's more likely to
represent active intent. Perhaps it could be % or & (shift-5/shift-7), but if
you know someone is trying to type a password out and has made a typo then a
left/right neighbor with shifting preserved is an easy place to start
guessing.

Obviously, this whole thing is such an awful idea and breaks everything so
badly that it's all kind of theoretical anyway, hopefully no software has had
behavior like this for a long time. And any actual brute force program today
has far more sophisticated pattern attacks based on the enormous corpus of
password leaks and knowledge there now is, which is why it's foolish to try
to be clever with passwords rather than just generating something fully
randomized.

------
jonnycomputer
The most amusing thing is the exclamation mark on such a banal opening move.

~~~
Waterluvian
It's been decades. That means "Check!" right?

~~~
thom
Exclam! Generally a good move, perhaps even unexpectedly so. Double exclam,
!!, being a brilliant move, especially one with flair like a sacrifice. Triple
exclam is reserved for the games of Emory Tate. ;)

~~~
mongol
Emory Tate must have been extraordinary..?

~~~
mywittyname
More like Extraordinary!!!

------
politelemon
> (those familiar know the hash-rate fluctuates and slows down towards the
> end)

Could someone explain this to me, why does it slow down towards the end?

~~~
parsimo2010
I don't know for sure, but these Radeon GPUs are power hungry and hot. It
could be just that after multiple days the entire computer is heat soaked and
goes through more thermal throttling than even the "steady state" GPU tests
that most gamers do (a few hours).

It might also be cruft building up over time with small memory leaks or
imperfect memory management.

~~~
nexuist
This is what I thought too, the heat simply becomes overwhelming and the unit
has to underclock to prevent melting.

~~~
close04
I think the "towards the end" part is the misleading one. The software has no
idea where the end is or it would just jump there. Since the run took 4 days
slowing down due to throttling would happen pretty fast as the card reaches a
thermal equilibrium. Certainly wouldn't take days to do it.

It's more likely the explanation above of something (not heat) accumulating
over time and slowing down the processing.

~~~
floatboth
Real explanation below >>
[https://news.ycombinator.com/item?id=21205272](https://news.ycombinator.com/item?id=21205272)

------
Isamu
Queen's pawn game:

[https://en.wikipedia.org/wiki/Queen%27s_Pawn_Game](https://en.wikipedia.org/wiki/Queen%27s_Pawn_Game)

[edit] See also "Ken, Unix and Games" by Dennis Ritchie:

[https://www.bell-labs.com/usr/dmr/www/ken-games.html](https://www.bell-labs.com/usr/dmr/www/ken-games.html)

------
annoyingnoob
I'm feeling like it is not appropriate to publicly post passwords, even when
they are old.

~~~
lonelappde
This is Vader is Luke's father old.

------
abalone
How did they crack it in 4 days if “a 7-bit exhaustive search would still take
over 2 years on a modern GPU”? Is that overstating it?

~~~
maccard
They got lucky/narrowed the search space. Just because it will take me 2 years
to evaluate all the possibilities, doesn't mean I won't immediately hit
aaaaaaaa

~~~
semi-extrinsic
Specifically, we can conjecture they narrowed the search space to
"lowercase+numbers+a few symbols", excluding uppercase letters.

~~~
MayeulC
I guess that cracking this specific password could be said to have been
parallelized over multiple individuals over the years, and it wouldn't
surprise me if it had burnt multiple years of processor time. In the end,
someone had to get lucky when picking their search space/exploration
parameters :-)

------
ectospheno
I once anonymously emailed administrators of a multiuser unix system that
perhaps they should handle the numerous users that had home directories and
.bashrc files that were both writable by everyone. After a week I had the
users themselves email when they logged in. It was fixed that day.

------
trustissue
Speaking of passwords, I just discovered that HN will ban your IP address from
creating an account if you have a question mark in your password. I assume
this is to help against SQL injection? (Not a security person here.) Pretty
extreme result, but luckily I can post from another IP. I wonder how many
users have hit this and not known why?

~~~
grzm
While possible, it seems unlikely that this is the case. I'd contact the mods
via the Contact link in the footer to resolve the issue.

------
tracker1
Interesting. :-)

When I create hashes for systems, I actually now create a "version" prefix
for hashes... this way I can on-run upgrade to a newer hash at login (if/when
needed).

Have upgraded older systems this way... after 30 days, dumped any that
hadn't changed and sent emails notifying that they'd have to use the "forgot
password" option the next time they wanted to login.

Currently using pbkdf2/hmacsha512*100000 for password hashing. 16-byte salt,
32byte result... varying too far from NIST guidelines would have been a hard
sell.

output base64 values: v#.SALT.HASH
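As an added example (not the commenter's code), here is a working version of that `v#.SALT.HASH` layout with the on-login upgrade, using the stated parameters (PBKDF2-HMAC-SHA512, 100000 iterations, 16-byte salt, 32-byte result, base64). The version-1 scheme (PBKDF2-HMAC-SHA256 at 10000 iterations) is an assumed, deliberately weaker legacy scheme standing in for whatever the system used before.

```python
"""Versioned password hashes with upgrade-on-login.

Added illustration of the "v#.SALT.HASH" layout from the comment above; not
the commenter's code. Version 2 uses the parameters the comment states.
Version 1 is an assumed legacy scheme kept only so old hashes still verify.
"""
import base64
import hashlib
import hmac
import os
from typing import Iterable, List, Optional, Tuple

# version -> (digest, iterations, salt length, derived key length)
SCHEMES = {
    1: ("sha256", 10_000, 16, 32),   # assumed legacy scheme (constructed)
    2: ("sha512", 100_000, 16, 32),  # current scheme from the comment
}
CURRENT_VERSION = max(SCHEMES)


def _derive(version: int, password: str, salt: bytes) -> bytes:
    digest, iters, _, dk_len = SCHEMES[version]
    return hashlib.pbkdf2_hmac(digest, password.encode("utf-8"), salt,
                               iters, dklen=dk_len)


def hash_password(password: str, version: int = CURRENT_VERSION) -> str:
    """Return the stored form 'v<version>.<b64 salt>.<b64 hash>'."""
    _, _, salt_len, _ = SCHEMES[version]
    salt = os.urandom(salt_len)          # fresh random salt per hash
    dk = _derive(version, password, salt)
    return "v%d.%s.%s" % (version,
                          base64.b64encode(salt).decode("ascii"),
                          base64.b64encode(dk).decode("ascii"))


def parse_stored(stored: str) -> Tuple[int, bytes, bytes]:
    """Split a stored value into (version, salt, hash); ValueError if bad.

    Standard base64 never contains '.', so splitting on it is unambiguous.
    """
    parts = stored.split(".")
    if len(parts) != 3:
        raise ValueError("expected v#.SALT.HASH")
    vtag, salt_b64, hash_b64 = parts
    if not vtag.startswith("v") or not vtag[1:].isdigit():
        raise ValueError("bad version tag %r" % vtag)
    version = int(vtag[1:])
    if version not in SCHEMES:
        raise ValueError("unknown hash version %d" % version)
    return version, base64.b64decode(salt_b64), base64.b64decode(hash_b64)


def verify_and_upgrade(stored: str, password: str) -> Tuple[bool, Optional[str]]:
    """Check password against stored; return (ok, new_stored).

    new_stored is a fresh hash under CURRENT_VERSION when a login succeeded
    against an older version (the on-login upgrade), otherwise None. The
    plaintext is only available at login, so this is the one moment the
    stronger hash can be computed.
    """
    version, salt, expected = parse_stored(stored)
    actual = _derive(version, password, salt)
    if not hmac.compare_digest(actual, expected):   # constant-time compare
        return False, None
    if version < CURRENT_VERSION:
        return True, hash_password(password)
    return True, None


def still_on_old_version(stored_values: Iterable[str]) -> List[str]:
    """Entries not yet upgraded; the comment's 30-day cut-off is applied to
    this list (those users are sent through 'forgot password')."""
    return [s for s in stored_values if parse_stored(s)[0] < CURRENT_VERSION]


if __name__ == "__main__":
    old = hash_password("correct horse", version=1)
    ok, upgraded = verify_and_upgrade(old, "correct horse")
    print(old)
    print(ok, upgraded)
```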

------
cantrevealname
Since this password list appears to come from one of the original systems on
which UNIX and C were developed, it would be fun to see the names and original
passwords of all the luminaries. I merged together the author's work, the
original /etc/passwd, and the comments from the mailing list:

    root:OVCPatZ8RFmFY:Ernie Co-vax --> cowperso
    daemon:*:The devil himself --> (login not allowed)
    bill:.2xvLVqGHJm8M:Bill Joy --> (password still unknown)
    ozalp:m5syt3.lB5LAE:Ozalp Babaoglu --> 12ucdort
    sklower:8PYh/dUBQT9Ss:Keith Sklower --> theik!!!
    kridle:4BkcEieEtjWXI:Bob Kridle --> jilland1
    kurt:olqH1vDqH38aw:Kurt Shoens --> sacristy
    schmidt:FH83PFo4z55cU:Eric Schmidt --> wendy!!!
    hpk:9ycwM8mmmcp4Q:Howard Katseff --> graduat;
    tbl:cBWEbG59spEmM:Tom London --> ..pnn521
    jfr:X.ZNnZrciWauE:John Reiser --> 5%ghj
    mark:Pb1AmSpsVPG0Y:Mark Horton --> uio
    dmr:gfVwhuAMF0Trw:Dennis Ritchie --> dmac
    ken:ZghOT0eRm4U9s:Ken Thompson --> p/q2-q4!
    sif:IIVxQSvq1V9R2:Stuart Feldman --> axolotl
    scj:IL2bmGECQJgbk:Steve Johnson --> pdq;dq
    pjw:N33.MCNcTh5Qw:Peter J. Weinberger --> uucpuucp
    bwk:ymVglQZjbWYDE:Brian W. Kernighan --> /.,/.,
    uucp:P0CHBwE/mB51k:UNIX-to-UNIX Copy --> whatnot
    srb:c8UdIntIZCUIA:Steve Bourne --> bourne
    finger::The Finger Program --> (no pw but runs a program, not a login shell)
    who::The Who Program --> (no password but runs a program, not a login shell)
    w::The W Program --> (no password but runs a program, not a login shell)
    mckusick:AAZk9Aj5/Ue0E:Kirk McKusick --> foobar
    peter:Nc3IkFJyW2u7E:Peter Kessler --> ...hello
    henry:lj1vXnxTAPnDc:Robert Henry --> sn74193n
    jkf:9ULn5cWTc0b9E:John Foderaro --> sherril.
    fateman:E9i8fWghn1p/I:Richard Fateman --> apr1744
    fabry:d9B17PTU2RTlM:Bob Fabry --> 561cml..
    network:9EZLtSYjeEABE:(no name listed) --> network (runs a program, not a login shell)
    tty:: --> (no password but runs a program, not a login shell)

It's amusing to see that even very smart people picked passwords just like
people do today:

- spouses' names (jilland1, wendy!!!, sherril.)
- birth dates (apr1744 might be April 17, 1944)
- the first word that came to your mind (whatnot, foobar, ...hello)
- though a few were thoughtful (sn74193n is a synchronous binary counter from
  the 7400-series chip family and likely immune to dictionary attack in that
  era)
- easy to type patterns on a keyboard (/.,/., or 5%ghj)
- obscure words (axolotl is a Mexican walking fish)
- different languages (12ucdort is 1,2,3,4 in Turkish)
- and some people didn't care (Steve Bourne, inventor of the Bourne shell,
  picked "bourne")

~~~
royce
The superset of all of the original CSRG-shipped cracking-eligible descrypt
hashes is actually about 1400 hashes, drawn from a slightly smaller number of
overlapping accounts among releases. Many of them appear to have been
temp/test/throwaway with generic usernames and short, simple passwords.

------
giorgioz
>Did he really use uppercase letters or even special chars? (A 7-bit
exhaustive search would still take over 2 years on a modern GPU.)

>took 4+ days on an AMD Radeon Vega64

I don't understand. The author first claims that it would take 2 years on a
modern GPU to brute force a 7 bit password with special characters but then he
is helped by Nigel Williams, who cracked it in 4 days on an AMD Radeon Vega64.

Did Nigel Williams use a better technique? Is the AMD Radeon Vega64 much faster
than a "modern GPU"? Did the author overestimate the difficulty?

------
1123581321
I don’t understand why the author thought it would take years to find this
password, as opposed to something closer to the four days it actually took.

~~~
sp332
They said an exhaustive 7-bit search would take that long.

Edit: That would be 128^8 =~ 72 quadrillion DES hashes.

~~~
aidenn0
Which works out to 2.2 years at the rate that the actual password was cracked
(1GH/s).

------
tejisanti_
Dear stargrave, I am very grateful for sharing this knowledge. It was a
delight reading. With this, I realized I am almost achieving an old dream of
mine since my teenage years: I understood almost everything. And it came at the
proper time, just as I am finishing my masters in informatics and computer
engineering this year. You have my gratitude.

------
ganitarashid
I guess he’s lucky that the password wasn’t anything embarrassing. What if the
password had been “I love sex” or something?

------
Kiro
> Did he really use uppercase letters or even special chars?

Why would he not? I'm obviously missing something here.

~~~
windsurfer
The early days of mainframes had some groups of individuals who advocated for
no passwords or just your username again as a password:
[https://www.oreilly.com/openbook/freedom/ch07.html](https://www.oreilly.com/openbook/freedom/ch07.html)

~~~
dekhn
You're confusing mainframes with UNIX microcomputers, and 1983 wasn't early.

Also, I remember when FSF hosted UNIX machines at MIT that you could telnet
into without a password. It was a total mess.

~~~
taborj
Cliff Stoll's _The Cuckoo's Egg_ grapples with this a bit. The fine line
between open systems that anyone can use, and closed systems that protect your
privacy and data.

It's obviously a settled question these days, but back in the 70s and 80s,
this was a bit of a hot topic.

~~~
sfink
I disagree. I don't think this is at all settled, and in fact is a big topic
right now. The debate has just moved on past personal passwords.

For example, chat systems. Do you want an open one where anyone can get on
with a minimum of fuss and participate? Or do you want an open one, with
controls to manage spam and harassment so that people are able to be open
while using it?

(I work at Mozilla, where we are moving off of IRC because, while it
encourages participation from any rando who comes by, it is inaccessible to a
number of people because they will be attacked if they log in. Many have moved
over to Slack, which is very much closed (but open). Not to mention the
channels that have been abandoned because they are overrun with spam, which
makes them inaccessible or at least useless to _everyone_. As someone who does
not get harassed, I don't really like either of those points on the spectrum
even though IRC works great for me if I don't think about the people who are
no longer there.)

~~~
lonelappde
Why not make an anti-spam/harassment IRC bot, and Take Back The Web from
Slack?

It's really hard for me to understand what Mozilla's mission is these days.

------
bobwaycott
I’m slightly confused by the part where the author states a 7-bit search would
take 2 years on a modern GPU, and the answer was found in 4 days on a Vega64.
Isn’t that a modern GPU? Have I misunderstood here, or was the author’s math
incorrect?

~~~
stevewodil
It would take two years to generate every hash, but this one happened to be
generated earlier than that. It would also be technically possible to guess a
Bitcoin address private key on the first guess, but there are 2^160 total
possibilities.

------
bryanrasmussen
That password was pretty long - could be a complete windowing system written
in J.

~~~
soohyung
The password is only the last 8 characters, everything before the colon is the
password's hash.

~~~
bryanrasmussen
I'm certainly not going to let reality get in the way of a joke about the
compact expressiveness of J.

------
dataminded
Reminds me of when I cracked the domain admin account at work so that I could
install software that I needed to do my job. IT was slow and unresponsive so I
figured that I would help them.

------
mikorym
Surely this was a perhaps modified dictionary attack that solved it in the
end?

I don't understand the comments that describe (presumably random) 10+ char
passwords as "crackable".

------
qrbLPHiKpiux
Dave MacArt, computer science teacher, high school. Username: Mac. Passwd: Cam.

Easy brute force in 1989. I got in big trouble for it because I messed up the
server.

------
frou_dh
He would have had to expend quite some calories to type that out every time on
an ancient keyboard with chunky keys and massive travel.

~~~
floatingatoll
Uphill! Both ways!

How many fewer calories do I burn when typing on a low-travel keyboard rather
than an old mainframe keyboard?

~~~
CDSlice
Probably not very many. According to XKCD What If? [1], a modern keyboard takes
around 2 millijoules to press a key. Typing a full novel would take a few
kilojoules. Even if an old mainframe keyboard took 10x more power to press the
keys, you would save less than an AA battery's worth of energy over writing a
full novel.

[1] [https://what-if.xkcd.com/102/](https://what-if.xkcd.com/102/)

~~~
floatingatoll
Using some conversions from an internet site, one AA battery is 1.3e4 Joules
and a human requires 8.4e6 Joules per day, so about 133 seconds of energy
saved per 6 months of novel, or two lost seconds of calorie burning exercise
every three days.

(Lots of sketchy napkin math here)

------
rcpt
That url,
[http://www.retrocomputingtasmania.com](http://www.retrocomputingtasmania.com)

------
rpmisms
I'm disappointed that it followed a pattern like that, since that's supposed
to make it easier to brute-force guess.

~~~
lucb1e
Yes, any sort of logic is weaker than random characters. But this was a long
long time ago, hence the weak passwords. Computers couldn't crack things that
fast. Today, recommendations are still based on what we expect computers will
be able to crack in the foreseeable future.

I remember a teacher used the password "music". We had every user's password
in plaintext. This was useful when installing a new Windows domain controller
and setting all the passwords (about 30 employees in the school) instead of
copying hashes or letting them set their own passwords. In hindsight, I find
it batshit crazy that some stupid intern (me) walked around the school with a
sheet of paper with literally everyone's password on it, logging into people's
systems where necessary or potentially forgetting the sheet somewhere. I'm not
saying this never happens anywhere in the world anymore, but I do think the
security mindset has changed in the last decades.

~~~
tom_mellior
On the other hand, being admin on a system is not that different. Sure, you
don't have users' passwords, but you can still do arbitrary stuff in their
name. Very large organizations will have some sort of system that logs this
stuff and that you can't tamper with, but in a lot of places you could easily
cover your tracks.

~~~
lucb1e
I would argue that having passwords made up by users and having access to a
user's work account is a little different. In the former case, I see what kind
of password they use and can guess that they reuse the password (or a variant)
elsewhere. I can also take knowledge if I get fired, but my admin permissions
are revoked.

------
tempodox
Digital archaeology has always been an interest of mine. Must be fascinating
to investigate such antique artifacts.

------
reubensutton
I wonder how long it was between this password crypt approach and the first
practical cracker for them.

------
octosphere
I use a diceware[0] passphrase for my Keepass database. I was inspired heavily
by XKCD comic 936[1]. My only issue with password managers is that they are a
single point of failure and are juicy targets for hackers, so I usually vet
them and audit them thoroughly before I use them. I am one of those rare
people that actually looks at the source code of password managers to look for
flaws in the implementation (I sometimes spot flaws and duly report them to
the maintainers).

One caveat to diceware I never liked is how it wears out the keyboard over
time as you have to type the same passphrase each time to open the vault (You
would be surprised how many times I need to do this each day). I sometimes
have to lock my database to avoid evil maid attacks when in a hotel for
example. Of course I go through about three keyboards a year because of this,
but I don't mind the cost if it gives me a crispy fresh keyboard each time.
And did I mention I don't own merely one encrypted database, but many
depending on different contexts and different devices?

[0] [https://en.wikipedia.org/wiki/Diceware](https://en.wikipedia.org/wiki/Diceware)

[1] [https://www.xkcd.com/936/](https://www.xkcd.com/936/)

~~~
sfink
So you're saying that if I get access to your current keyboard or any of your
former ones, I can get all of the keys used in typing your master password
just by looking at the wear pattern? Hey, thanks for the tip!

------
wibble10
I’m sort of curious what dmr’s was now (his hash is gfVwhuAMF0Trw) from the
same dump...

~~~
Miner49er
Looks like it was dmac

[https://inbox.vuxu.org/tuhs/87bluxpqy0.fsf@vuxu.org/](https://inbox.vuxu.org/tuhs/87bluxpqy0.fsf@vuxu.org/)

------
toolslive
Disappointed he didn't use algebraic notation. Could have been: e4e5f4ef

~~~
MadWombat
Queen's pawn, so d4d5e4de

~~~
toolslive
real men play the King's gambit ;)

------
buboard
Seems hard to remember. Could it be a collision?

~~~
gfiorav
It's a chess move

~~~
buboard
oh! I thought the whole thing was the password, apparently the first part is
the hash

------
quickthrower2
Troy, please add this breach to
[https://haveibeenpwned.com/Passwords](https://haveibeenpwned.com/Passwords)

------
quickthrower2
Serious question: Was this illegal to crack?

------
AdamN
Seems like an annoying password to type.

------
zymhan
I still have 0 idea what's interesting about this. How is this a chess move?

~~~
mark212
The password is the last part: p/q2-q4!

It's a notational way in the chess program (written by Ken Thompson) to
describe a chess move, "pawn from Queen's 2 to Queen's 4."

A very common opening move that "puts a pawn in the center, controlling the
important e5-square, and opens the line for the Bc1."[1]

The notation is old. Modern notation would just write it as "d4" because
there's only one piece (a pawn) who can move to that square as the first move
and only one spot from which it can move (d2).

[1] [https://www.chess.com/openings/A40-Queens-Pawn-Opening](https://www.chess.com/openings/A40-Queens-Pawn-Opening)

~~~
zymhan
> the chess program (written by Ken Thompson)

AHHHH thank you this makes much more sense now

------
tiep
I'm interested in this; is there a copy of it?

------
fao_
Wow, I didn't expect the thread to go this far

------
usebunsby
Hmm. That's interesting.

------
thiagoc
"Now I need to change my password on all websites that I use >:/"

------
mseepgood
So he moved on from chess to Go?

~~~
caseyw
I laughed here. Thank you kind human!

------
jedberg
Back when I worked in IT many years ago, one of the things I did each week was
run JohnTheRipper on our password file. If it cracked your password, it sent
you an email saying your password was weak and you had to change it.

If you were in the next week's batch, it emailed you and told you "your
password is foobar, which we discovered by cracking the password file, and it
is weak. You must change it". Yes, I emailed them their password in plain text
using our internal email system. Jury's still out on whether that was a good
idea. :)

The next week we just disabled your account and you had to come to IT to fix
it.

One guy actually got fired for his password. He was already being super creepy
and making the girl who sat across from him uncomfortable, but she never told
anyone. Then we cracked his password, which was a very naughty phrase about
the girl who sat across from him. I reported it to HR, who asked the girl, who
then said he was creepy, and so they acted swiftly on the reports and got him
out of there.

~~~
parliament32
I'm conflicted about this. I know I'd be pretty upset if an employer started
talking to me about a plaintext password that's supposed to be hashed. The
problem is that they _brute forced_ it and then sent it directly off to HR?
Yes, as a sysadmin it's perfectly acceptable to be searching for weak
passwords, but reading the plaintext yourself for fun then scurrying to HR is
kinda a slimy thing to do. As an admin you have an obligation to your users to
not be nosy, and if you find out something you shouldn't, keep it under your
hat. Just because you have the ability to peek into the CFO's mailbox and see
what everyone's salary is, doesn't mean you print out the spreadsheet and take
it to your boss demanding a raise.

It's kinda like if you got in trouble for playing Farmville or whatever while
sitting on the toilet at work, which they found out about by installing
cameras in the stalls. Yes, I shouldn't have been doing that, but how you
found out is also a huge issue and I'd feel pretty violated.

You should probably re-read the sudo warning:

    We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things:
    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

~~~
brosinante
Yes, creepy sexists need our protection and it's exactly the same thing as
playing Farmville in the bathroom.

~~~
Quekid5
You know, it's quite possible for multiple people to be "wrong" in a given
situation. It's possible for both the employee and the sysop to be wrong.

~~~
yaseer
I agree, but morality is sticky and complex.

It was obviously wrong to be the creepy sexist.

In the abstract sense, it is wrong to invade privacy.

But then, if in your invasion of privacy you uncover a wrongdoing, the right
thing to do is report it.

It would be wrong to read the CFO's email inbox, and probably illegal. But
then if you uncover they are committing fraud, you need to report it to
police, as well as confess your own crime.

Unfortunately, there are never easy rules for these things.

~~~
WBrad
I get what you're saying here but:

>In the abstract sense, it is wrong to invade privacy.

You have no real expectation of privacy when using company owned equipment.
This was almost certainly spelled out to the employee in question in the
acceptable use policy he agreed to upon being hired. Companies have to operate
this way so they can investigate computers if compelled to by court or law,
and so they can recover important information off computers when the user
exits the company.

If he was using a BYOD computer I'd have a different opinion on the matter.

~~~
Quekid5
The definition of acceptable use (and expectations of privacy) differs a lot
between different countries. For example, in the EU, I believe that any
personal email received on a work account is actually considered "beyond
reach" of your employer.

I don't _know_, but I imagine that such considerations could easily extend to
your password.

Btw, how did the sysop know that what he recovered was the _actual_ password?
I mean, it's unlikely, but at least theoretically possible that it was a false
positive. The password hashes in those days were pretty weak... Just a
thought; I don't think it realistically was a false positive.

~~~
WBrad
That is true, there are stronger privacy protections in the EU in general. I
don't consider the actions here _morally_ justifiable, just legally.

As far as it being the actual password, a false positive AND the fact he had
been creeping on a coworker at the same time seems extraordinarily unlikely to
me.

~~~
Quekid5
Agreed about the false positive, btw. It was just a hypothetical, but court
cases ("beyond reasonable doubt") have a _very_ high standard of proof.

------
apetresc
A slight nitpick with the article: `p/q2-q4` (more commonly written as "1.
d4" in modern times) is not the Closed Game, it's just the first move of it.
There are many, _many_ other lines after 1. d4 besides just 1. ...d5, most of
them quite open!

~~~
CrazyStat
It is the beginning of the closed game, which is what the article says.

Seems like a vacuous nitpick.

~~~
newen
Not if you play chess. 1. d4 is played probably more than half the time in
professional games. It can lead to lots of different openings, closed and open
(but not at the same time).

~~~
umanwizard
Really? I thought 1. e4 was more common. TIL!

~~~
CrazyStat
e4 is more common. d4 is second.

------
mkoryak
I was able to log into his facebook and twitter accounts using that same
password!

__Edit__: Ha ha, this is a bad joke!

~~~
snazz
Uh oh. No 2FA? Definitely send him an email about that.

