123
-=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- (c) WidthPadding Industries 1987 0|571|0 -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=-
Socoder -> Off Topic -> forgotten your password google can find it for you unfortunately

Wed, 05 Dec 2007, 05:06
lyons
i came across this article the other day, thought you all might be intrested.

link...

kinda shows you the side-effects of a search engine can be...

i have personaly tryed this and although i didn't come up using my pasword, other people did :S

guess its time to create a more harder password involving a-z 0-9 and a few -~ etc.

-=-=-

Wed, 05 Dec 2007, 05:13
Jayenkai
I typically use a much harder password for important sites, anyway..

Of course, that does assume that you have access to the MD5 hash in the first place.
Basic rule of net usage, clear out your cache if someone else is going to use your system, and hope the site-admin's are keeping things secure.

..

(site-admin hopes he's keeping things secure.)

-=-=-
''Load, Next List!''
Wed, 05 Dec 2007, 05:44
JL235
A very interesting article, and again shows the overwhelming power of Google. Lately I've been shown and heard a lot of stories which have made me start to wonder 'is Google too powerful?'. Not even the creators of Google realised just how powerful all the information it was storing would be. Although Google didn't find any of my passwords. Even the one that I consider to be insecure because it doesn't use any numbers.
Wed, 05 Dec 2007, 05:46
Toaster
lol anyone who gets your MD5 keys can easily crack the MD5 passwords. In fact back in highschool I use to crack the server and grab all the passwords for everyones accounts. Then I just started login in as different one time I got really evil and logged into someones email. Never use the same password for you email as everything else..
Wed, 05 Dec 2007, 09:42
mole
But how do you get the average user's password hash?
Wed, 05 Dec 2007, 10:13
Toaster
You have to find the md5 passwords list this is usualy hidden and either in a txt format or something else..

Tutorial on hash cracking at least MD5

https://qte.dk/articles/miscellaneous/md5decryption/

-Toaster


Wed, 05 Dec 2007, 10:59
power mousey

Hate to admit it JL235,
but you're right.

Google is getting to big and powerful.
And along with other companies such as IBM,
Digital Angel, Intel, Blackwater, others
will and are becoming part of the Survelliance Society.
And all body parts of the coming beast and his system.
Its all developing and being put into place.

one link:

abcnews.go.com/Business/FunMoney/story?id=3937203&page=1



Wed, 05 Dec 2007, 13:29
Scherererer
interested in seeing the scope of that power?
www.paterva.com/web2/maltego/maltego.html

direct link to the interface:
maltego1.paterva.com/maltego-classic.html

-=-=-
YouTube Twitter
Computer Science Series: Logic (pt1) (part 2) (part 3) 2's Complement Mathematics: Basic Differential Calculus
Wed, 05 Dec 2007, 15:03
power mousey

oh my gosh!

but hey Instinct, don't forget the chips.
The RFID chips and tattoo insignias too.
insignias-->input signals.

Seriously.
Wed, 05 Dec 2007, 15:40
HoboBen
I liked the suggestion by bmcusick (near the bottom of the gaurdian article) on using a word plus the site name e.g. taking "hobo" and "socoder" to make "hobosocoder" then putting it through a hasher twice. Certainly means you get unique passwords each time, and not hard to recover if you lose your saved Firefox passwords either.

I think there's also some responsibility on the web developer's side to make things secure: MD5 isn't secure any more (even two different programs can be made to share the same hash) and SHA1 won't be strong forever.

I tend to mix many algorithms together, so if one type is shown to be weak, there's still the potential for the other algorithms to hold strong. So I might first salt the input then do something like both WHIRLPOOL and SHA256 it, or whatever - the host I'm with has a lot of hashing algorithms installed, I usually pick SHA256/512 and one or two others.

But, yeah, thanks for the link lyons, the comments were very interesting.

-=-=-
blog | work | code | more code
Wed, 05 Dec 2007, 18:26
power mousey

yet, Hobo

you may think you are secure.
And perhaps you might be...but for a little awhile.

another link: www.examiner.com/a-1082339~Melanie_Scarborough__Somebody_is_lying_about_FISA.html