Dailydave mailing list archives
Re: phpbb.com hacked...
From: Robert Graham <robert_david_graham () yahoo com>
Date: Sat, 7 Feb 2009 11:16:03 -0800 (PST)
Oh, yea, there are lots of problems with the dataset, that's just one potential problem. My analysis should be viewed as one datapoint in the field of password analysis rather than an authoritative assessment of all passwords. The passwords come with user information. That information looks like what I expect from legitimate users rather than what I see as spammers on PHPbb style forums. Thus, the numbers may be skewed by spammers, but I think it largely reflects normal users.

--- On Sat, 2/7/09, Robert Lemos <mail () robertlemos com> wrote:
From: Robert Lemos <mail () robertlemos com>
Subject: Re: [Dailydave] phpbb.com hacked...
To: robert_david_graham () yahoo com
Cc: "dailydave" <dailydave () lists immunitysec com>, "Dave Aitel" <dave.aitel () gmail com>
Date: Saturday, February 7, 2009, 4:41 AM

Did you take into account that about half the accounts appeared to be spammers, according to the post by the guy who hacked the site? (He found 400,000 accounts, but there are only 200,000 members.) So, in fact, the 28,000 passwords he decrypted may only be spam accounts, or a significant fraction of them are, which could be the reason your results are skewed toward simple passwords. Just an alternative explanation...

-R

On Feb 6, 2009, at 6:12 PM, Robert Graham wrote:

I ran the passwords through an analysis program to gather statistics on them. I posted a summary of the results here: http://www.darkreading.com/blog/archives/2009/02/phpbb_password.html

35% of passwords are 6 characters. Here is the top 20 passwords from the phpbb dataset:

3.03% "123456"
2.13% "password"
1.45% "phpbb"
0.91% "qwerty"
0.82% "12345"
0.59% "12345678"
0.58% "letmein"
0.53% "1234"
0.50% "test"
0.43% "123"
0.36% "trustno1"
0.33% "dragon"
0.31% "abc123"
0.31% "123456789"
0.31% "111111"
0.30% "hello"
0.30% "monkey"
0.28% "master"
0.22% "killer"
0.22% "123123"

Why are "dragon", "master", and "killer" so popular? Since the phpbb dataset includes e-mail addresses, I'm thinking of e-mailing the people and asking them why they chose that particular password. Likewise, while I know that "trustno1" was a password used in the X-Files, I forget where "letmein" and "monkey" come from (I know they were used in movies/tv, I just forget which ones).

| robert lemos | mail () robertlemos com |
| science & technology journalist |
| http://www.robertlemos.com |
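The statistics the thread argues about (a top-N frequency table, the share of passwords at each length, and whether suspected spam accounts skew the result) are simple to compute, and the same frequency table is what a defender turns into a reject list for new password choices. The following is an added example, not code from the thread or from any of its participants; the SAMPLE records and their spam flag are constructed for illustration and are not the phpbb data.

```python
from collections import Counter

# Constructed sample records: (password, suspected_spam_account).
# Not real data; the spam flag stands in for the "about half the accounts
# are spammers" concern raised in the thread.
SAMPLE = [
    ("123456", True), ("123456", True), ("123456", False),
    ("password", False), ("password", True),
    ("phpbb", False), ("qwerty", False), ("letmein", False),
    ("12345", True), ("dragon", False),
    ("Tr0ub4dor&3", False), ("correcthorse", False),
]


def top_n(passwords, n=5):
    """Most common passwords with their share of the list, in percent."""
    total = len(passwords)
    if total == 0:
        return []
    return [(pw, round(100.0 * count / total, 2))
            for pw, count in Counter(passwords).most_common(n)]


def length_share(passwords):
    """Share (percent) of passwords at each length, keyed by length."""
    total = len(passwords)
    if total == 0:
        return {}
    by_len = Counter(len(pw) for pw in passwords)
    return {length: round(100.0 * by_len[length] / total, 2)
            for length in sorted(by_len)}


def analyse(records, exclude_spam=False):
    """Run both statistics, optionally dropping suspected spam accounts
    so the effect of the spam population on the numbers can be measured."""
    passwords = [pw for pw, spam in records if not (exclude_spam and spam)]
    return {"count": len(passwords),
            "top": top_n(passwords),
            "lengths": length_share(passwords)}


def blocklist_from_top(records, n=5):
    """Defensive use of the table: the most common values become a
    case-insensitive reject list for new password choices."""
    return {pw.lower() for pw, _ in top_n([pw for pw, _ in records], n)}


if __name__ == "__main__":
    for flag in (False, True):
        result = analyse(SAMPLE, exclude_spam=flag)
        print(f"exclude_spam={flag}: n={result['count']}")
        for pw, pct in result["top"]:
            print(f"  {pct:5.2f}% {pw!r}")
        print("  length share:", result["lengths"])
```

Running it twice, with and without the spam-flagged records, shows Lemos's point in miniature: the ranking of the top entries survives the filter in this sample, but their percentages change, which is why the denominator (who is actually in the dataset) matters as much as the counts.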