

Early versions of the free/open Unix variant BSD came with password files that included hashed passwords for such Unix luminaries as Dennis Ritchie, Stephen R. Bourne, Eric Schmidt, Brian W. Kernighan and Stuart Feldman.



Leah Neukirchen recovered an BSD version 3 source tree and posted about it on the Unix Heritage Society mailing list, revealing that she was able to crack many of the weak passwords used by the equally weak hashing algorithm from those bygone days.





Dennis MacAlistair Ritchie's was "dmac", Bourne's was "bourne", Schmidt's was "wendy!!!" (his wife's name), Feldman's was "axlotl", and Kernighan's was "/.,/.,".





Four more passwords were cracked by Arthur Krewat: Özalp Babaoğlu's was "12ucdort", Howard Katseff's was "graduat;", Tom London's was "..pnn521", Bob Fabry's was "561cml.." and Ken Thompson's was "p/q2-q4!" (chess notation for a common opening move).

BSD 3 used Descrypt for password hashing, which limited passwords to eight characters, salted with 12 bits of entropy.



Descrypt limits passwords to just eight characters, a constraint that makes it all but impossible for end users to choose truly strong credentials. And the salt Descrypt uses provides just 12 bits of entropy, the equivalent of two printable characters. That tiny salt space makes it likely that large databases will contain thousands of hash strings that attackers can crack simultaneously, since the hash strings use the same salt. Jeremi M. Gosney, a password security expert and CEO of the password-cracking firm Terahash, told Ars that Descrypt is so weak and antiquated that one of his company's 10-GPU Inmanis appliances (price: almost $32,000) could besiege a Descrypt hash with 14.5 billion guesses per second (the rigs can be clustered to achieve faster results). The speed of just one rig is enough to brute force the entire Descrypt keyspace—which, due to practical limitations, was about 249 in 1979—in less than 10 hours, and even less time when using cracking tools, such as wordlists, masks, and mangling rules. This site will also crack a Descrypt hashe for as little as $100.

Re: [TUHS] Recovered /etc/passwd files [Leah Neukirchen/The Unix Heritage Society mailing list]





Forum cracks the vintage passwords of Ken Thompson and other Unix pioneers [Dan Goodin/Ars Technica]

(via Four Short Links)

(Image: Peter Hamer, CC BY-SA, modified)