Password storage and its encryption is a common question that’s often discussed in the cyber security world. At many occasions, when people mention encrypted passwords, they really mean hashed passwords. Unlike encryption, a password that’s undergone the hashing process, can’t be reversed using the same key.
However, thanks to the leaked password hashes on the file-sharing websites and dark web, our passwords are less secure than ever. Some of the latest data breaches affected millions of LinkedIn and TalkTalk users.
For a hacker, getting access to these password hashes, extracting real passwords and using them to compromise the online accounts isn’t a tough task. Using the same technique, the hackers are now increasingly targeting the social media accounts of technology CEOs–Mark Zuckerberg, Jack Dorsey, Marissa Mayer–and Hollywood celebrities.
Well, even if you are using a super safe password that has been created using some advanced techniques, these massive breaches have made them unsafe.
This process has been explained in an exceptional manner by the YouTube channel Computerphile.
This cracking video shows a deep learning beast that uses 4 NVIDIA GPUs and a password cracking tool called Hashcat. Hashcat lets you do different types of password cracking. Thanks to these GPUs, Hashcat takes billions of plain-text passwords and hashes them using MD5 at a rate of 40 billion per second.
The presenter explains the process in detail and tells you the best practices that should be adopted while creating a new password. It’s always good to avoid small combinations and dictionary words in your password. I’ll also suggest you to keep changing your passwords from time-to-time.