Scribd Logo
Upload

Welcome to Scribd!

  • GS Cracked PSWD Report

    Uploaded by

    Gaurav Great
    15 views2 pages
    The document discusses a data breach where an organization's password database was leaked. It provides information about the leaked passwords including: 1) The organization used MD5 hashing to store passwords, which offers little security since it is susceptible to collisions. 2) Based on the cracked passwords, the organization's password policy had a minimum length of 6 characters including combinations of letters, numbers, and symbols. 3) To improve security, the document recommends using a stronger hashing algorithm like SHA, enforcing longer passwords of at least 8 characters with combinations of different character types, avoiding common/simple passwords, and not basing passwords on personal information.

    Original Description:

    Original Title

    GS Cracked Pswd Report

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses a data breach where an organization's password database was leaked. It provides information about the leaked passwords including: 1) The organization used MD5 hashing to store passwords, which offers little security since it is susceptible to collisions. 2) Based on the cracked passwords, the organization's password policy had a minimum length of 6 characters including combinations of letters, numbers, and symbols. 3) To improve security, the document recommends using a stronger hashing algorithm like SHA, enforcing longer passwords of at least 8 characters with combinations of different character types, avoiding common/simple passwords, and not basing passwords on personal information.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    15 views2 pages

    GS Cracked PSWD Report

    Uploaded by

    Gaurav Great
    The document discusses a data breach where an organization's password database was leaked. It provides information about the leaked passwords including: 1) The organization used MD5 hashing to store passwords, which offers little security since it is susceptible to collisions. 2) Based on the cracked passwords, the organization's password policy had a minimum length of 6 characters including combinations of letters, numbers, and symbols. 3) To improve security, the document recommends using a stronger hashing algorithm like SHA, enforcing longer passwords of at least 8 characters with combinations of different character types, avoiding common/simple passwords, and not basing passwords on personal information.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    Sir/Ma’am,

    Given at the bottom is a list of the cracked passwords.

     What type of hashing algorithm was used to protect passwords?

    MD5 was used as the security algorithm for each of the given cases.

     What level of protection does the mechanism offer for passwords?

    MD5 offers little protection for the passwords as it has already been shown to have weaknesses
    like being susceptible to collision.

     What controls could be implemented to make cracking much harder for the hacker in the
    event of a password database leaking again?

    A stronger hashing algorithm can be used instead of MD5, like the SHA algorithm.

     What can you tell about the organization’s password policy (e.g. password length, key
    space, etc.)?

    The following two things can be deduced about the organization’s password policy:

    1) Minimum password length is 6


    2) Password can be any possible combination of small letters, capital letters, numbers
    and symbols with a minimum of 6 characters in total

     What would you change in the password policy to make breaking the passwords harder?

    Some steps which can be taken to make cracking harder are:

    1) Use of long passwords, at least 8 because after that point brute force attacks start to
    take a very long time.
    2) Include combinations of special characters, numbers, small and capital letters in the
    password.
    3) Use of common passwords should be minimized or, if possible avoided.
    4) Password should not contain username or other personal information, which can be
    easily accessed by anyone.

    Thanking you,

    Name: Gaurav

    Cracked Passwords List:

    popularkiya7:e99a18c428cb38d5f260853678922e03:abc123

    ortspoon:d8578edf8458ce06fbc5bb76a58c5ca4:qwerty
    simmson56:96e79218965eb72c92a549dd5a330112:111111

    liveltekah:3f230640b78d7e71ac5514e57935eb69:qazxsw

    eatingcake1994:fcea920f7412b5da7be0cf42b8c93759:1234567

    johnwick007:f6a0cb102c62879d397b12b62c092c06:bluered

    bookma:25d55ad283aa400af464c76d713c07ad:12345678

    reallychel:5f4dcc3b5aa765d61d8327deb882cf99:password

    moodie:8d763385e0476ae208f21bc63956f748:moodie00

    interestec:25f9e794323b453885f5181f1b624d0b:123456789

    experthead:e10adc3949ba59abbe56e057f20f883e:123456

    heroanhart:7c6a180b36896a0a8c02787eeafb0e4c:password1

    edi_tesla89:6c569aabbf7775ef8fc570e228c16b98:password!

    blikimore:917eb5e9d6d6bca820922a0c6f7cc28b:Pa$$word1

    You might also like