@Stay EZ My Friends I think you've misunderstood how it works. You hash the whole password, but only send the first few characters of the hash. Then, any matching hashes are sent to you, for you to compare with the full hash to see if any of them are your password. There are no changes to the input.
@Stay EZ My Friends that's entirely possible. My understanding is that the avalanche effect means that the hashes of "000" and "001" and "010" will be very different. Just by changing a single bit, you completely change the output. If I'm right about that, I don't see how it has any effect on how this checks passwords.
@Stay EZ My Friends I don't see your real examples. My understanding of how this works is that you hash your *full* password, then send the first few digits of the hash. It then compares those digits to the first digits of the hashes of *entire* passwords. Any matches, it sends back the full hashes, for you to compare with your full hash. I see nowhere that the avalanche effect comes into play, as you're always hashing the full password.
Nice! Its MD5 only contains "BAAE3B", which clearly demonstrates that MD5 is the inferior algorithm to SHA-1. :^) (Alas, SHA-256 is still better. But in it, I can only find "BFF". So my cryptographic horoscope is telling me Kate and I will be happier as friends? ^^)
Still allows for some nasty stuff in two cases: 1. Only one hash which starts off similarly can be found (not likely), 2. The user checks for multiple passwords. 2 is a problem because all of the hashes that the server returns can be traced back to passwords, and those can be traced back to accounts connected to them. So if the user checks multiple passwords that can be traced back to their accounts, the likelihood of identifying the user increases. But yeah, it doesn't leak the passwords that haven't previously been leaked straight away, but still might make guessing them easier. Thanks to potentially identifying the password habits of the person and having the beginning of a hash.
@@mirmbloatbust4783 2 isn't much of a problem in my opinion. The k-anonymity implementation was suggested by CloudFlare due to the bandwidth usage - you literally have everything from password managers to UK government departments all using the same API. Passwords are also not unique - my weakest password is (to paraphrase) randomstring1 and the next number in the iteration has been leaked (as have some in the 80-99 range - birth years) even though I've never used them. CloudFlare have probably seen most of your passwords anyway as they are the biggest CDN, and most partial hash lookups don't end up going to the origin server because of k-anonymity and aggressive caching. That just leaves trust in the frontend of whatever is using the password API v2, and TLS stack/library/protocol. Also, haveibeenpwned doesn't make the data available to link breached accounts with leaked passwords. If you are concerned about the origin server knowing who you are based on password lookups that return positive results, we are talking about a database built from data breaches that contain your e-mail addresses and passwords. If you only have one e-mail address, it'd be a waste of resources for the API to link passwords to it based on password lookups because the service could have used the data already available.
@@mirmbloatbust4783 i don't know much about cryptography but iirc sha1 hashes are "random" so the first part should not allow them to get the first part of the password.
6 років тому+6
The first thing I did once I find out about this website was to inspect all js to figure out what heck it was doing with the passwords. Got really impressed! Kudos
That git repository is a treat. The same program implemented in multiple languages: python, go, haskell, julia (I don't even know what that is), bash and perl, the last being my comfort zone. So now I have all these examples with which to compare and contrast. Very nice. I'll skip the java and powershell if that's OK. Happily, all the passwords I tried passed. My trick is I use my social security number as my password for everything. That way, when one of those sites gets hacked, they'll have everything all in one go.
What exactly is a private breach in this example? Did the perpetrator break some site and then give Troy and ONLY Troy their ill gotten loot? If the site owner gave the list of exposed data to Troy then in all probability that data is in the wild and may be being traded on exclusive forums, but in that instance it is only a delay to wider public dissemination.
@@foo0815 His reasoning is quite sound though. If you can't remember the password, you might as well not have a password. Try that principle with other words in that database. Tip: use a word that's not in the dictionary (and not in use in general) in the password, that you can actually remember. (ex: "fortify persident campaign etchings"). And put your choice of easily remembered special characters in there.
Xileer Torias No, the point of the approach is that you calculate the entropy given that it is in a dictionary. Of course, partially deviating from the pattern by adding a non-word or special characters in the middle will still make it even stronger.
Found this API about two months ago and immediately implement a script that goes through every password in my password manager and checks it. Super handy tool, gotta give it to them. (All my passwords turned out not to be in there, but you never know. Though, if a password does get compromised, it's not a big deal for me, anyway, since I don't reuse passwords)
There's a problem using the command line as shown in this video: it will appear in your shell history and for a split second also in your list of current processes. The best way is to have to type your password interactively.
Also careful not to do it in the interactive Python REPL. I noticed Python 2.7 on my system has no history, but Python 3.5 and Python 3.7 both have a history. Read STDIN and type password in via request from STDIN. No shells, no REPLs, no pipes!
@MichaelKingsfordGray What! Use your real name? You would go through all the trouble to make a secure chip for a password and then give your real full name out on the internet? *facepalm*
And "123456" like 23 million. Taking a positive angle, if there are 3 billion people on the internet, that's only the dumbest 0.5% (taking into account duplicates and troll accounts).
regarding bad practices people do with well intended info from these videos, I know its just a demonstration but I'd still like to point this out. if you were to use some small commandline utility you threw together yourself to check your passwords, like in the video. they'll end up in your shell history(every command you ran goes there for a while) which is just a plaintext file. Effectively undoing the whole point of an encrypted password database. cheers
@@recklessroges "In cryptography, a salt is random data that is used as an additional input to a one-way function that "hashes" data, a password or passphrase."
One "strong password" (459 matches for strongpassword) technique folks use is to choose the first char of a series of words from a song. The results for "Jumpin' Jack Flash it's a gas gas gas (jjfiaggg)": 56 matches. For the typing class phrase "The quick brown fox jumps over the lazy dog (tqbfjotld)": 956 matches. (Yes, I know computerphile (1 match) recommended adding special characters to such a PW, so, "jjfiaggg!": 1 match :) ). Golly (541 matches) it's fun to guess the cleverest (90 matches) passwords, like "iamclever": (164 matches) but "youareanidiot" (57 matches) and hit this range API with my little golang (24 matches) script. And thanks for introducing me to k-Anonymity (0 matches!!), neat!!
jjfiaggg is a bit too brute forceable. might as well go for longer songs ittrlitjfcialnefr or talwsatgigasbasth There would be people who could figure these out from that alone but for everyone else They are very long popular songs by Queen and Led Zep
If you are very paranoid you can always just download the pwned passwords list and write some code to do it all locally. On the plus side, you'll learn how to search through a 22+ GB file quickly!
Was fun to work with the 1TB leak few months ago to create an alphabetically ordered password list of all the unique passwords, followed up with the number they were encountered in it. Would have been swell to do that on a SSD and more memory than 4GBs in hindsight. :P
If the file is already sorted, then it will be extremely easy and fast to search it, even on a slow system with slow I/O. No need for multi-threading or anything special. seek into the middle of the file, read until a newline is found, see if the hash is less, equal or greater than the searched one... depending on that check you search the part before or behind the current position. Its just a binary search. This could be done by hand. If the file isn't already sorted, then fast hardware (a computer) could be useful. If only one hash is searched, just use "grep completehash pw-hash-list.txt", grep uses a quite fast algorithm (boyer moore) to find a word in a large amount of data. If the file isn't sorted and many hashes should be checked you need a lot of ram and a program called "sort", just sort the list and use the second mentioned method. ;)
1) Hash in sha-1. 2) Request the appropriate address. 3) Cross the list to search for a match. 4) Output the result. You should not trust anyone and do it yourself. Time to learn how to code ?
well it is nice to know a bit more about the "Have I been Pwned" site... even if i hear it is safe i would rather have multiple sources of trust to confirm... even tho you are the second! (the other was a PC security channel that tests antivirus programs)
Now, if only we could convince websites to refuse new passwords / password change requests that appear on these lists. Then, after that, we might be able to convince websites to use bcrypt, and increase their maximum password length such that correcthorsebatterystaple could actually be used if it wasn't already disclosed and prevented by step one.
Yeah that would be great. However website owners wants as many users as possible. If the user find it cumbersome to sign up, the website might loose that user and potentional revenue. We would practically have to make it punishable by law to use crappy passwords.
Yes. I was pwned the moment I purchased my hardware, with all of its built in backdoors and in designed vulnerabilities. Cell phones have 200 builtin backdoors for “network monitoring” in order to prevent violations of “insert country regulatory body here” frequency regulations. Anyone who buys any technology is owned at the time of purchase.
Decided to go to haveibeenpwned and search my main 2 emails, and I’ve been Pwned on both. Guess I’m creating a new identity and moving to the other end of the earth.
Thank you for making useful vids. I will be using your code at home and work right away. I also love that you use python. I have learned much from reviewing code that you've offered. Cheers!
What's your stance on password managers in the cloud such as the mentioned one password or dash lane for example? So many people seem to be using one of these kind these days, but I'm still very sceptical.
I think the reputable ones encrypt/decrypt client-side using a master password. If they also use your master password to login, I believe what gets sent to the server is derived from a hash of the password, not the password itself. Though this does mean you should be extra careful choosing your master password.
dsenti may just be on to something. If you take the SHA-1 hash of Dr. Mike's example - be it password1, or Password1, or password 1, or Password 1, the hash doesn't start with FA2241C. And if you use cURL to input any of those actual hashes into the website, it doesn't return ANY corresponding leaked hashes! Of course, the hash depends on SO much more than just what the password is - like the font you use, whether it is ASCII or UTF-8 encoding, whether you create the password in Notepad vs. Wordpad vs. RTF vs. MSWord, etc. and probably a hundred other things. Which renders the whole exercise of hashing your password yourself for submission rather pointless. Or worse, it lends a false sense of security when no hits are returned. So you're really only left with the option of typing your password into a random box on the internet. I think I'll give it a try it right now - NOT!
@@jameyd916 Managed to fix the issue. Turned out that I did have pip installed on python 2.7, but I also had python 3.3 installed which does not come with pip and command line was using python 3.3, so I uninstalled 2.7 and 3.3 and installed 3.7 with pip and it all worked fine.
so how do you work out diacritical marks / accents? I am cheking Polish for password (hasło) and I get 0 matches even if I enter it on /password site directly.
I ran the script today and password1 was found 2413945 times! And password1234 was found 23183 times Iloveyoukate was found 95 times Correct horse battery staple was found 120 times @computerphile , does your video has negative effect?
Hi. Love your content. This question might seem a bit off topic, but since you like to look at things from a different perspective, I think you might have an interesting opinion on this: I have been looking into amateur music production lately and I found out that sound cards in laptop is just not a thing. Which really surprised me. But I got to think that with the help of graphic cards you should be able to model oscillators properly and therefore I figured there should be a way to use one's graphics card capacity for sound rendering?
Wow, nice! That almost seems like somebody generated the hashes for all "iloveyou[female name]" that he could imagine, and checked them before choosing "kate", lol
I know it seems radical but its about time we just get rid of passwords. Any time you type in a password its a liability that it will be recorded or compromised. Using your phone as authenticator is great. If your phone gets stolen you just have to remove it as an authenticatior. If you want to have some time so the thief can't immediately get into your accounts add a phone lock with pin or fingerprint. While these methods are not super hard to crack it'd still take hours to days. Phones can also be remote locked and easily deactivated. The only problem is there's no universal or standardized way to authenticating this way.
How do you authenticate yourself to the system that lets you remove your phone as an authenticater? I agree that there are lots of problems with passwords, but it's very hard to find something that can fully replace them. People have been trying for decades.
@@superfluidity There's no way to revoke who has access to your password except to change it. When you make an account it authenticates to that device like your desktop from there you can tell a website to authenticate with your phone. As a backup you can use a public key stored on your desktop or on a usb key to do management like locking all authenticators.
I'm not saying my linked in password is password but if I had a linked in account it wouldn't bother me if it had a weak password. Only the people who use those same awful passwords for sites that matter are even making much of a mistake.
I know several languages, so in order to create a password I just think of some sentence that has my personal, unique association with the service, then translate it through several languages and at the end I translate it into an agglutinative language where it is a convenient long word. Even if I tell you the word out loud it would sound like a bunch of gibberish, but it makes perfect sense to me and is connected to a specific software/service in my head. So far I haven't forgotten any of my passwords.
Hilarious closing - "I thought you were leaked. (embarrassing look). Definitely not. " You guys provide informative and useful content. You should be a the ten million subscriber mark. Keep on keeping on!
Hi! Why you use only sha1 when calculating hash? Not all cracked companies use this algorithm to protect your passwords (also sha256, or pbkdf2 with sha256 and salt (and pepper maybe)). Using sha1 in example script is about common use case? Or I missed something? Thanks!
Is it possible the API returns only the remaining of the hash to ensure that even if that list was somehow intercepted it is of no use without the prefix that was sent over https?
@@recklessroges but for me it's not about reading faqs. I want to go the long way, I don't want to just be given the database. I want to skim it off myself :D I'm weird that way.
Problem with correcthorsebatt*erystaple though is that people can modify a dictionary attack by trying to insert characters like that. It's not likely, but it's still possible, so best practice would probably be if the original four-word password is in the database, try using something different first anyways.
Getting back the same hash does not necessarily mean your password has been discovered due to collisions with hash algorithms. Meaning that two different passwords can return the same hash - this is rare but it is possible.
Absolutely true but even with sha-1 you can expect duplicates to start with strings so long they can't be used as passwords, so if you see anything except 0 results, CHANGE IT.
Have keepass, (or apg) create a new passphrase takes less than a second. Why take the risk of waiting until you do your monthly passphrase updates and key rolling?
@@recklessroges please tell me that you are not in charge of password policy at any organisation. Password maximum age has lead to poor password choices by the VAST bulk of people. Password expiry has been strongly discouraged for over a decade
Cryptographic hash collisions are astronomically unlikely on naturally occuring data (like user-chosen or random passwords). The problem wih MD5 (and recently SHA1) is that it's feasible to deliberately manufacture (long, very random-looking) data that has the same hash. This will never occur by chance, so it's no relevant here.
Another great video from Dr. Mike Pwned
His business cards should read "Call Pound before you get pwned."
Welp looks like we have your nickname Dr. Pwned
@Stay EZ My Friends I think you've misunderstood how it works. You hash the whole password, but only send the first few characters of the hash. Then, any matching hashes are sent to you, for you to compare with the full hash to see if any of them are your password. There are no changes to the input.
@Stay EZ My Friends that's entirely possible. My understanding is that the avalanche effect means that the hashes of "000" and "001" and "010" will be very different. Just by changing a single bit, you completely change the output.
If I'm right about that, I don't see how it has any effect on how this checks passwords.
@Stay EZ My Friends I don't see your real examples. My understanding of how this works is that you hash your *full* password, then send the first few digits of the hash. It then compares those digits to the first digits of the hashes of *entire* passwords. Any matches, it sends back the full hashes, for you to compare with your full hash. I see nowhere that the avalanche effect comes into play, as you're always hashing the full password.
I feel like Dr. Pound was not at all surprised by the people who used correcthorsebatterystaple, yet somehow is still disappointed by them.
I was actually surprised that it didn't have more results than it did really
This ability is one of the racial bonuses for English characters
"Horsecorrectstaplebattery" is my choice of password
Sweet that the hash for "iloveyoukate" starts with BA8E 😍
Nice! Its MD5 only contains "BAAE3B", which clearly demonstrates that MD5 is the inferior algorithm to SHA-1. :^)
(Alas, SHA-256 is still better. But in it, I can only find "BFF". So my cryptographic horoscope is telling me Kate and I will be happier as friends? ^^)
@@nibblrrr7124 lol cryptograpgic horoscope! hashing numerology!
That guy has since changed his password to "divorcecourt".
"Pwned? If I'm wrong then I'm a noob" - Mike knows what's up.
'if you think you know everything, you're not trying hard enough' - H.D.Moore .... everyone is a n00b.
@@hakology I know just enough to know how much I do not know...
Ahhhhh it’s like 2006 all over again
1-2-3-4-5? That's amazing I've got the same combination on my luggage!
Lol spaceballs
Mines samsonite
Hehehe
@@rjj5574 2814 times in list
Now that's an interesting way to check passwords without actually sending them. I like it.
Still allows for some nasty stuff in two cases: 1. Only one hash which starts off similarly can be found (not likely), 2. The user checks for multiple passwords.
2 is a problem because all of the hashes that the server returns can be traced back to passwords, and those can be traced back to accounts connected to them. So if the user checks multiple passwords that can be traced back to their accounts, the likelihood of identifying the user increases.
But yeah, it doesn't leak the passwords that haven't previously been leaked straight away, but still might make guessing them easier. Thanks to potentially identifying the password habits of the person and having the beginning of a hash.
@@mirmbloatbust4783 I don't think 1 is a problem. If only 1 password is returned, it's still very unlikely it is yours.
@@CitronLighter Yup, I agree. 2 is the real problem.
@@mirmbloatbust4783 2 isn't much of a problem in my opinion. The k-anonymity implementation was suggested by CloudFlare due to the bandwidth usage - you literally have everything from password managers to UK government departments all using the same API.
Passwords are also not unique - my weakest password is (to paraphrase) randomstring1 and the next number in the iteration has been leaked (as have some in the 80-99 range - birth years) even though I've never used them.
CloudFlare have probably seen most of your passwords anyway as they are the biggest CDN, and most partial hash lookups don't end up going to the origin server because of k-anonymity and aggressive caching.
That just leaves trust in the frontend of whatever is using the password API v2, and TLS stack/library/protocol.
Also, haveibeenpwned doesn't make the data available to link breached accounts with leaked passwords. If you are concerned about the origin server knowing who you are based on password lookups that return positive results, we are talking about a database built from data breaches that contain your e-mail addresses and passwords. If you only have one e-mail address, it'd be a waste of resources for the API to link passwords to it based on password lookups because the service could have used the data already available.
@@mirmbloatbust4783 i don't know much about cryptography but iirc sha1 hashes are "random" so the first part should not allow them to get the first part of the password.
The first thing I did once I find out about this website was to inspect all js to figure out what heck it was doing with the passwords.
Got really impressed! Kudos
Hilariously, the other password from that same XKCD comic strip "Tr0ub4dor&3" which was used as an anti password cannot be found in that password API.
what do you mean by anti-password?
@@El_Chompoit was an example of a poorly chosen password
At least they understood that part well.
So... It's a strong password?!
@@PragmaticAntithesis not anymore
The out-take is great xD
*unhackable* shows up 602 times.
ironic :)
621 times
@@HaxorBird :3
@@andrewandrei3062 a --man-- anthro of culture I see
edit, YT comment formatting is a pain in the back, I swear it was double hyphens a while ago
639 now
His explanations are truly great. Such a good teacher.
I checked, the password "computerphile" occurs one time in the pwned password list! Why? Who? What!
still waiting on numberphile though.
It's obviously Sean's password for the Computerphile Google account
And also how is it working like how did only one person think of this
@@OrangeC7 only one that got leaked - there might be hundreds of others USING that password. ;-)
maybe that person didn't know about the computerphile channel and thought they were being clever inventing a word?
I love this guy. Please do more neural network videos with him.
So if I need to sell stolen password data do I go to the Pwn Shop??
I'll see myself out
E- auto @Cadde correct
I’ll get me coat.
Pwn is a correct word, pwne is not.
@@RealCadde
I know, derrr
Noted, amended
That's already a deep web blackmarket site
Alright fine, guess I'll change my password to iLoveYouMike
iLoveYou*Mike
iLoveLamp
@@brokentombot I see what you did there 👨
@@mikejohnstonbob935 make sure to put the symbol in the middle of the word, instead of between words!
That git repository is a treat. The same program implemented in multiple languages: python, go, haskell, julia (I don't even know what that is), bash and perl, the last being my comfort zone. So now I have all these examples with which to compare and contrast. Very nice. I'll skip the java and powershell if that's OK.
Happily, all the passwords I tried passed. My trick is I use my social security number as my password for everything. That way, when one of those sites gets hacked, they'll have everything all in one go.
Great video. Not nearly as dense and dull as lectures, still informative, and actually entertaining and easy to watch.
8:53 - not all are publicly available, some are from private breaches which have been given to Troy
What exactly is a private breach in this example? Did the perpetrator break some site and then give Troy and ONLY Troy their ill gotten loot? If the site owner gave the list of exposed data to Troy then in all probability that data is in the wild and may be being traded on exclusive forums, but in that instance it is only a delay to wider public dissemination.
correct horse battery staple.... instant facepalm hahahaha.
It's amusing that Munroe's counter-example for a bad password (Tr0ub4dor&3) in *not* in the pwned list...
@@foo0815 xkcd is known for information warfare.
@@foo0815 His reasoning is quite sound though. If you can't remember the password, you might as well not have a password. Try that principle with other words in that database.
Tip: use a word that's not in the dictionary (and not in use in general) in the password, that you can actually remember. (ex: "fortify persident campaign etchings").
And put your choice of easily remembered special characters in there.
@@Reelix That's why you should just include one word that's not in the dictionary.
Xileer Torias No, the point of the approach is that you calculate the entropy given that it is in a dictionary. Of course, partially deviating from the pattern by adding a non-word or special characters in the middle will still make it even stronger.
Found this API about two months ago and immediately implement a script that goes through every password in my password manager and checks it. Super handy tool, gotta give it to them. (All my passwords turned out not to be in there, but you never know. Though, if a password does get compromised, it's not a big deal for me, anyway, since I don't reuse passwords)
There's a problem using the command line as shown in this video: it will appear in your shell history and for a split second also in your list of current processes.
The best way is to have to type your password interactively.
Also careful not to do it in the interactive Python REPL. I noticed Python 2.7 on my system has no history, but Python 3.5 and Python 3.7 both have a history. Read STDIN and type password in via request from STDIN. No shells, no REPLs, no pipes!
The only secure chip is one you build yourself.
Someone pull requested my github to fix this already! You're absolutely right, it wasn't ideal what I was doing.
Have you ever heard of sarcasm?
@MichaelKingsfordGray What! Use your real name? You would go through all the trouble to make a secure chip for a password and then give your real full name out on the internet? *facepalm*
I've been pwned endless times lol
This is also a good way of finding out where other people have been signing up 😉
Is this safe?
So much value in less than 11 minutes, and 100% accessible to anyone who knows python isn't just for snakes.
"password" has been leaked 3,645,804 times.
I will not fall for the same mistake as others have! I will use "wordpass"! No one can ever guess!
@@marekmichalovic8711 , we need more smart people like you.
How often has "has been leaked 3,645,804 times." been leaked?
@@FirstDagger That might have been a decent password until you wrote it
And "123456" like 23 million. Taking a positive angle, if there are 3 billion people on the internet, that's only the dumbest 0.5% (taking into account duplicates and troll accounts).
regarding bad practices people do with well intended info from these videos, I know its just a demonstration but I'd still like to point this out.
if you were to use some small commandline utility you threw together yourself to check your passwords, like in the video. they'll end up in your shell history(every command you ran goes there for a while) which is just a plaintext file. Effectively undoing the whole point of an encrypted password database.
cheers
CK You can put a space before the command and it won't store it in the history
export HISTIGNORE='[ \t]*'
Then put a space in front of any command you don't want in history.
Probably doesn't save you from audit log, though. Don't let people read audit log.
@@gyroninjamodder TIL. Thanks!
Thanks for pointing this out - I did eventually upload my code to github and someone already put in a pull request fixing this :)
Mike's videos are the best ones.
Troy Hunt's API is absolutely awesome. He also gives love to all the developers who use it to build applications by posting links on the website.
One thing to keep in mind with using that python script is that you are probably storing the password as clear text in your command history.
Add a space before the command to omit it from bash history, or better yet, use the getpass python library.
Thumbs up, if you're a developer who salts passwords. This makes one of several examples for why salting is important :)
I'm sure there are people who use salted plaintext passwords... Always assume the worst, don't trust anyone. ;)
That's also outdated. Salting is not enough in the slightest. Use bcrypt or pbkdf2. See Tom Scott's video about password storage.
@@joonasfi Are you saying bcrypt(password) is just as strong as a bcrypt(password + salt) ?
salting? (What is this? Security for ants?) argon2 then scrypt then blowfish then bcrypt. (I doubt all four have been compromised at this stage.)
@@recklessroges "In cryptography, a salt is random data that is used as an additional input to a one-way function that "hashes" data, a password or passphrase."
From time to time i come back to this video for some entertainment
I like how he laughs for like a fraction of a second then starts talking seriously. It’s very funny lol
This guy is awesome. I knew all this stuff already yet I still was entertained!
It’s also fun to go onto the password site to find all the horrible phrases people have as passwords that have been pwned
Oh, that's a really elegant solution! I like it.
One "strong password" (459 matches for strongpassword) technique folks use is to choose the first char of a series of words from a song. The results for "Jumpin' Jack Flash it's a gas gas gas (jjfiaggg)": 56 matches. For the typing class phrase "The quick brown fox jumps over the lazy dog (tqbfjotld)": 956 matches. (Yes, I know computerphile (1 match) recommended adding special characters to such a PW, so, "jjfiaggg!": 1 match :) ). Golly (541 matches) it's fun to guess the cleverest (90 matches) passwords, like "iamclever": (164 matches) but "youareanidiot" (57 matches) and hit this range API with my little golang (24 matches) script. And thanks for introducing me to k-Anonymity (0 matches!!), neat!!
jjfiaggg is a bit too brute forceable.
might as well go for longer songs
ittrlitjfcialnefr
or
talwsatgigasbasth
There would be people who could figure these out from that alone but for everyone else
They are very long popular songs by Queen and Led Zep
If you are very paranoid you can always just download the pwned passwords list and write some code to do it all locally. On the plus side, you'll learn how to search through a 22+ GB file quickly!
Multi-threading!
Was fun to work with the 1TB leak few months ago to create an alphabetically ordered password list of all the unique passwords, followed up with the number they were encountered in it. Would have been swell to do that on a SSD and more memory than 4GBs in hindsight. :P
@@dustysparks No need to multithread, just have the file organised alphanumerically and do a binary search.
If the file is already sorted, then it will be extremely easy and fast to search it, even on a slow system with slow I/O. No need for multi-threading or anything special.
seek into the middle of the file, read until a newline is found, see if the hash is less, equal or greater than the searched one... depending on that check you search the part before or behind the current position. Its just a binary search. This could be done by hand.
If the file isn't already sorted, then fast hardware (a computer) could be useful. If only one hash is searched, just use "grep completehash pw-hash-list.txt", grep uses a quite fast algorithm (boyer moore) to find a word in a large amount of data.
If the file isn't sorted and many hashes should be checked you need a lot of ram and a program called "sort", just sort the list and use the second mentioned method. ;)
There is a version sorted by hash which is of course rather fast to search through (and more easily compressed to boot)
Thank you for this video. I have now changed my password from iloveyoukate to iloveyoujan. Now I can rest easy.
I actually knew about this! Huge fan of this approach. Have gushed about it to some coworkers.
I love all Videos Mike makes to computerphile, I wish I could meet him!
Yet another great, clear and concise video. Thanks
My passwords from when I was a kid have surprisingly never been cracked. I'm shocked.
no one wants to hack your roblox account dude
never been leaked or never been cracked? there's a difference
There is a chance that someone have your pass but didn't make the database with it public nor shared with Troy Hunt (haveibeenpwned guy)
What was it?
mine have
I like that you make your notes on tractor feed paper
I love this channel especially the vids that involve security
He uploaded this the day my account got compromised.
Oof
I'd love to tell you just how great my password is, but then I'd have to change it, so just believe me.
I've already seen it. You should change it as you've been using it for far too long.
Those buttons are amazing. I spent far too much of this video looking at those buttons.
Extremely useful information! Thanks for making this video
A ressource of the code used in various videos would be nice :)
1) Hash in sha-1.
2) Request the appropriate address.
3) Cross the list to search for a match.
4) Output the result.
You should not trust anyone and do it yourself. Time to learn how to code ?
hurktang if you can audit the code there’s nothing wrong with using someone else’s
I've also written my own version. It supports checking multiple passwords with a file: github/lukas-dachtler/pwned.py
If you give me a list of all your passwords I'll check for you. 😎😎
@@hurktang "various videos", not necessarily this one. This one is fairly easy to replicate :)
well it is nice to know a bit more about the "Have I been Pwned" site... even if i hear it is safe i would rather have multiple sources of trust to confirm... even tho you are the second! (the other was a PC security channel that tests antivirus programs)
Every video this guy makes, a password dies.
Thanks for posting this, now I can link this video to people who think I'm trying to hack them, when I link HaveIBeenPwned
I enjoyed the Hackers reference at the end
Of course Mike's code is in the doobly too. Legend
Now, if only we could convince websites to refuse new passwords / password change requests that appear on these lists. Then, after that, we might be able to convince websites to use bcrypt, and increase their maximum password length such that correcthorsebatterystaple could actually be used if it wasn't already disclosed and prevented by step one.
Yeah that would be great. However website owners wants as many users as possible. If the user find it cumbersome to sign up, the website might loose that user and potentional revenue. We would practically have to make it punishable by law to use crappy passwords.
@@Baxtexx Carrying the death penalty for that particular genepool.
Glad you guys mentioned this site, it's rad 😊
I know computerphile is hosted by a different person, but it feels strange to not hear Brady's voice behind the camera
Yes. I was pwned the moment I purchased my hardware, with all of its built in backdoors and in designed vulnerabilities.
Cell phones have 200 builtin backdoors for “network monitoring” in order to prevent violations of “insert country regulatory body here” frequency regulations.
Anyone who buys any technology is owned at the time of purchase.
"correct horse battery staple" was compromised? Time to change to "incorrect horse battery staple".
Too bad it's already pwned too. :/
Decided to go to haveibeenpwned and search my main 2 emails, and I’ve been Pwned on both. Guess I’m creating a new identity and moving to the other end of the earth.
Thank you for making useful vids. I will be using your code at home and work right away. I also love that you use python. I have learned much from reviewing code that you've offered. Cheers!
urmom : 6367 times
urmom1 :12626
This was true for many passwords. It seems adding a 1 at the end of a password might actually make it less secure.
"urmom" is only 5 characters. I guess most people would use at least 6 characters.
@@sieevansetiawan4792 More sites are expecting a number and capital letter as well. Easiest way to do that is to add a 1 at the end.
it blew my mind that correcthorsebatterystable is now a used (and leaked obv) password :D
staple! :D
Fun fact: his e-mail address from Nottingham University (which can be found easily by searching on internet) is also on the pwned list. :)
Bloody beautifully explained
What's your stance on password managers in the cloud such as the mentioned one password or dash lane for example? So many people seem to be using one of these kind these days, but I'm still very sceptical.
I think the reputable ones encrypt/decrypt client-side using a master password. If they also use your master password to login, I believe what gets sent to the server is derived from a hash of the password, not the password itself. Though this does mean you should be extra careful choosing your master password.
Xevailo at least use keepass or better while you do your own due diligence.
Mike, talk to us about AES. I know that deep down, you have an urge to do so!
dsenti may just be on to something. If you take the SHA-1 hash of Dr. Mike's example - be it password1, or Password1, or password 1, or Password 1, the hash doesn't start with FA2241C. And if you use cURL to input any of those actual hashes into the website, it doesn't return ANY corresponding leaked hashes! Of course, the hash depends on SO much more than just what the password is - like the font you use, whether it is ASCII or UTF-8 encoding, whether you create the password in Notepad vs. Wordpad vs. RTF vs. MSWord, etc. and probably a hundred other things. Which renders the whole exercise of hashing your password yourself for submission rather pointless. Or worse, it lends a false sense of security when no hits are returned. So you're really only left with the option of typing your password into a random box on the internet. I think I'll give it a try it right now - NOT!
How do you install requests? The pip command returns "'pip' is not recognized as an internal or external command, operable program or batch file."
Make sure you install pip with the option ticked to add it to your PATH variable.
@@jameyd916 I'm sorry, but that makes no sense. There are no options or check boxes in command line.
@@bailey125 when you install pip with the python windows installer it was checkboxes, I meant those.
@@jameyd916 Oh... I installed python years ago lol. Maybe I unchecked it when installing. I'll probably just reinstall. Thanks :)
@@jameyd916 Managed to fix the issue. Turned out that I did have pip installed on python 2.7, but I also had python 3.3 installed which does not come with pip and command line was using python 3.3, so I uninstalled 2.7 and 3.3 and installed 3.7 with pip and it all worked fine.
10:01 i love the pure disappointment in his voice
Which thinkpad model is that?
so how do you work out diacritical marks / accents? I am cheking Polish for password (hasło) and I get 0 matches even if I enter it on /password site directly.
I ran the script today and password1 was found 2413945 times!
And password1234 was found 23183 times
Iloveyoukate was found 95 times
Correct horse battery staple was found 120 times
@computerphile , does your video has negative effect?
Hi. Love your content.
This question might seem a bit off topic, but since you like to look at things from a different perspective, I think you might have an interesting opinion on this:
I have been looking into amateur music production lately and I found out that sound cards in laptop is just not a thing. Which really surprised me. But I got to think that with the help of graphic cards you should be able to model oscillators properly and therefore I figured there should be a way to use one's graphics card capacity for sound rendering?
And the hash for 'iloveyoukate' starts with BABE... Of course it does! LOL
Well, BA8E, but close enough!
Wow, nice! That almost seems like somebody generated the hashes for all "iloveyou[female name]" that he could imagine, and checked them before choosing "kate", lol
I have been leaked 10 times with 0 pastes and had used the same password everywhere from the early 2000s up until 2016 :O
Duuuuude
What are you waiting for? Go grab a password manager and change all your site passwords!
Not bad actually.
Excellent presentation!!
Great Hackers reference!
Small correction: Troy Hunt has frequently stated that no passwords are stored on his databases
Asharas in a Box If you don’t trust him, you shouldn’t trust that either. The whole point of this is that you don’t have to trust him.
I was in the process of checking "correct horse battery staple" when he said to try "correct horse battery staple". :D
Thanks for sharing this tip. Super useful!
Bitwarden password manager also has a password leakage detection built in.
I know it seems radical but its about time we just get rid of passwords. Any time you type in a password its a liability that it will be recorded or compromised. Using your phone as authenticator is great. If your phone gets stolen you just have to remove it as an authenticatior. If you want to have some time so the thief can't immediately get into your accounts add a phone lock with pin or fingerprint. While these methods are not super hard to crack it'd still take hours to days. Phones can also be remote locked and easily deactivated. The only problem is there's no universal or standardized way to authenticating this way.
How do you authenticate yourself to the system that lets you remove your phone as an authenticater? I agree that there are lots of problems with passwords, but it's very hard to find something that can fully replace them. People have been trying for decades.
@@superfluidity There's no way to revoke who has access to your password except to change it. When you make an account it authenticates to that device like your desktop from there you can tell a website to authenticate with your phone. As a backup you can use a public key stored on your desktop or on a usb key to do management like locking all authenticators.
That's actually pretty useful, thanks!
The password "password" has been compromised 3,645,804 times... This is why I don't have faith in humanity...
I'm not saying my linked in password is password but if I had a linked in account it wouldn't bother me if it had a weak password. Only the people who use those same awful passwords for sites that matter are even making much of a mistake.
MORE MIKE POUND
I know several languages, so in order to create a password I just think of some sentence that has my personal, unique association with the service, then translate it through several languages and at the end I translate it into an agglutinative language where it is a convenient long word.
Even if I tell you the word out loud it would sound like a bunch of gibberish, but it makes perfect sense to me and is connected to a specific software/service in my head.
So far I haven't forgotten any of my passwords.
Eugen Afanasjev wow your so smart you probably have a huge weiner
Thank you, my email has been pwned.
I always wonder, is there anyone on the background you're talking to ?
No, you're hearing voices. :-)
Hilarious closing - "I thought you were leaked. (embarrassing look). Definitely not. "
You guys provide informative and useful content. You should be a the ten million subscriber mark. Keep on keeping on!
Why does this filming style remind me of The Office?
Use a password manager. Use the strong, generated passwords. Don't reuse passwords. Have a strong password that you can remember for your pwdb key.
Hi!
Why you use only sha1 when calculating hash?
Not all cracked companies use this algorithm to protect your passwords (also sha256, or pbkdf2 with sha256 and salt (and pepper maybe)).
Using sha1 in example script is about common use case? Or I missed something?
Thanks!
Is it possible the API returns only the remaining of the hash to ensure that even if that list was somehow intercepted it is of no use without the prefix that was sent over https?
7:15 As of 14/01/2022, that password has now been seen 245 times.
Does that also mean I could write a program that tries all hash beginnings from 00000 to FFF... To "test" for passwords and skim the whole database?
Yeah, or you could probably just ask to download his database
@@KatzRool no,no, never aks for anything :D just get stuff! Thanks for your answer!
If you read the FAQ of that website it tells you how you can download the passphrase hashes. Using the API is hugely inefficient.
@@recklessroges but for me it's not about reading faqs. I want to go the long way, I don't want to just be given the database. I want to skim it off myself :D I'm weird that way.
Problem with correcthorsebatt*erystaple though is that people can modify a dictionary attack by trying to insert characters like that. It's not likely, but it's still possible, so best practice would probably be if the original four-word password is in the database, try using something different first anyways.
simpele word concatenations aren't considered that safe anymore. Not at length
The person who talks in this video has another video on this channel that discusses exactly that
@@JochemKuijpers if they're all words like simpele it's still probably a very viable password strategy.
just send a broadcast to anyone in the internet with content: "my password is: 'password1'"
its a nice idea, but if you get a result with one unique use and it matches, you are as good as given them the whole hash
and if you then immediately stop using it as a password then what have "they" got?
Getting back the same hash does not necessarily mean your password has been discovered due to collisions with hash algorithms.
Meaning that two different passwords can return the same hash - this is rare but it is possible.
In that sense, though, depending on the target system, the "key still fits the lock", and that's not great.
Absolutely true but even with sha-1 you can expect duplicates to start with strings so long they can't be used as passwords, so if you see anything except 0 results, CHANGE IT.
Have keepass, (or apg) create a new passphrase takes less than a second. Why take the risk of waiting until you do your monthly passphrase updates and key rolling?
@@recklessroges please tell me that you are not in charge of password policy at any organisation. Password maximum age has lead to poor password choices by the VAST bulk of people. Password expiry has been strongly discouraged for over a decade
Cryptographic hash collisions are astronomically unlikely on naturally occuring data (like user-chosen or random passwords). The problem wih MD5 (and recently SHA1) is that it's feasible to deliberately manufacture (long, very random-looking) data that has the same hash. This will never occur by chance, so it's no relevant here.
So helpful. Thank you.