E-mail addresses, user names, and password data for every registered user of the Ubuntu Forums—estimated to be 1.82 million accounts—were exposed in a security breach hitting the company responsible for maintaining the freely available, open-source operating system. There's no sign the compromised data has been published online.

The Ubuntu Forums were closed Saturday evening following the discovery that the site's homepage was defaced by someone who managed to gain privileged access to its underlying servers. To their credit, administrators with Canonical, the for-profit company that markets Ubuntu, quickly issued an advisory that warned users who used their forum password to safeguard other accounts to change the credentials immediately. The forums remained inaccessible at time of writing on Sunday afternoon.

"While the passwords were not stored in plain text, good practice dictates that users should assume the passwords have been accessed and change them," Ubuntu CEO Jane Silber wrote in an updated advisory. "If users used the same password on other services, they should immediately change that password."

In an e-mail, Silber told Ars the passwords were cryptographically scrambled using the MD5 hashing algorithm, along with a per-user cryptographic salt. While the scheme is the standard protection provided by VBulletin, the Web software used on the Ubuntu forums, password experts consider MD5 with or without salt to be an inadequate means of protecting stored passwords. While per-user salt slows down the time it takes to crack large numbers of passwords in unison, it does little to nothing to delay the cracking of small numbers of hashes. That means the scheme used by Canonical doesn't prevent the decoding of individual hashes that may be targeted because of the attractiveness of the specific user it belongs to—a high-ranking executive, for instance, or people whose e-mail addresses belong to Fortune-500 domains.

As Ars has explained repeatedly, a far more robust password-storage scheme involves the use of bcrypt, scrypt, or another "slow" hashing algorithm. By increasing the time and computing resources required to convert plain-text passwords into hashes, these slow algorithms require crackers to spend months, years, or even centuries to decipher hashes, compared with days or weeks for salted hashes generated with MD5, SHA1 and other fast algorithms. The protection provided by slow hashing algorithms also extends to single hashes, unlike the protection afforded by salting. These enhanced protections are important in scenarios of database breaches, which allow people to perform offline cracking attacks and then use the results to breach accounts that use those credentials elsewhere.

While it's disappointing that Canonical chose a relatively weak hashing scheme to protect its forum users' passwords, company officials deserve credit for immediately reporting the breach and exhorting users to change passwords. By contrast, recent responses to password breaches hitting Reputation.com and LivingSocial.com either made no suggestion to change passwords or played down that advice.

So far, there's no indication the password hashes and other data exposed in the Ubuntu forums hack have been published online, but it wouldn't be surprising for that to change. The person responsible for the hack went to the trouble of defacing the forum homepage. To get maximum publicity, the individual may decide to air some or all of the data acquired. And with the Internet Archive recently estimating 1.82 million registered Ubuntu forum accounts, the potential for abuse is high.

As always, Ars readers are encouraged to use a password manager and choose a long, randomly generated passcode that's unique for each important site. For a deeper dive on passwords in general, see last year's feature Why passwords have never been weaker—and crackers have never been stronger. To get an inside look at how even long passcodes are cracked following database breaches, see Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331.”

Article updated to emphasize in the first paragraph that the data isn't found online.