[Cryptography] millions of Ashley Madison bcrypt hashes cracked efficiently
mitch at niftyegg.com
Fri Sep 11 19:30:14 EDT 2015
On Fri, Sep 11, 2015 at 2:06 PM, John Kelsey <crypto.jmk at gmail.com> wrote:
> I wonder how that ratio (90%+ of the women there were fake) compares with
> other dating sites. My uninformed guess is that it's probably comparable
> to other sites.
three in 10,000 were real if these guys are correct:
Knowing the real from the invented accounts is interesting in the context
of a class
action. Converting abandoned accounts to live accounts by recovering a
and updating the profile to have a valid enough contact could collect free
cans of tuna.
Apparently insiders made many invented accounts early on, I doubt the
password generator used was very inventive.
That might further assist the cracking and sorting the real from the
WP has been updated
This attack on accounts and cracking what might have a worthy security
model is a lesson
for the text books.
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography