Have You Been Pwned? - Computerphile
HTML-код
- Опубликовано: 25 июн 2024
- Would you type your password into a random box on the internet? Dr Mike Pound on ensuring your password hasn't already been hacked.
Have I Been Pwned: bit.ly/c_troys-site
Mike's code: github.com/mikepound/pwned-se...
How to Choose a Password: • How to Choose a Passwo...
Password Cracking: • Password Cracking - Co...
Beast and the GPU Cluster: • BEAST & The GPU Cluste...
/ computerphile
/ computer_phile
This video was filmed and edited by Sean Riley.
Computer Science at the University of Nottingham: bit.ly/nottscomputer
Computerphile is a sister project to Brady Haran's Numberphile. More at www.bradyharan.com
I feel like Dr. Pound was not at all surprised by the people who used correcthorsebatterystaple, yet somehow is still disappointed by them.
I was actually surprised that it didn't have more results than it did really
This ability is one of the racial bonuses for English characters
"Horsecorrectstaplebattery" is my choice of password
Another great video from Dr. Mike Pwned
His business cards should read "Call Pound before you get pwned."
Welp looks like we have your nickname Dr. Pwned
Stay EZ My Friends can you elaborate?
@Stay EZ My Friends I think you've misunderstood how it works. You hash the whole password, but only send the first few characters of the hash. Then, any matching hashes are sent to you, for you to compare with the full hash to see if any of them are your password. There are no changes to the input.
@Stay EZ My Friends that's entirely possible. My understanding is that the avalanche effect means that the hashes of "000" and "001" and "010" will be very different. Just by changing a single bit, you completely change the output.
If I'm right about that, I don't see how it has any effect on how this checks passwords.
Sweet that the hash for "iloveyoukate" starts with BA8E 😍
Nice! Its MD5 only contains "BAAE3B", which clearly demonstrates that MD5 is the inferior algorithm to SHA-1. :^)
(Alas, SHA-256 is still better. But in it, I can only find "BFF". So my cryptographic horoscope is telling me Kate and I will be happier as friends? ^^)
@@nibblrrr7124 lol cryptograpgic horoscope! hashing numerology!
That guy has since changed his password to "divorcecourt".
"Pwned? If I'm wrong then I'm a noob" - Mike knows what's up.
'if you think you know everything, you're not trying hard enough' - H.D.Moore .... everyone is a n00b.
@@hakology I know just enough to know how much I do not know...
Ahhhhh it’s like 2006 all over again
1-2-3-4-5? That's amazing I've got the same combination on my luggage!
Lol spaceballs
Mines samsonite
Hehehe
@@rjj5574 2814 times in list
Hilariously, the other password from that same XKCD comic strip "Tr0ub4dor&3" which was used as an anti password cannot be found in that password API.
what do you mean by anti-password?
@@El_Chompoit was an example of a poorly chosen password
At least they understood that part well.
So... It's a strong password?!
@@PragmaticAntithesis not anymore
*unhackable* shows up 602 times.
ironic :)
621 times
@@HaxorBird :3
@@andrewandrei3062 a --man-- anthro of culture I see
edit, YT comment formatting is a pain in the back, I swear it was double hyphens a while ago
639 now
Now that's an interesting way to check passwords without actually sending them. I like it.
Still allows for some nasty stuff in two cases: 1. Only one hash which starts off similarly can be found (not likely), 2. The user checks for multiple passwords.
2 is a problem because all of the hashes that the server returns can be traced back to passwords, and those can be traced back to accounts connected to them. So if the user checks multiple passwords that can be traced back to their accounts, the likelihood of identifying the user increases.
But yeah, it doesn't leak the passwords that haven't previously been leaked straight away, but still might make guessing them easier. Thanks to potentially identifying the password habits of the person and having the beginning of a hash.
@@mirmbloatbust4783 I don't think 1 is a problem. If only 1 password is returned, it's still very unlikely it is yours.
@@CitronLighter Yup, I agree. 2 is the real problem.
@@mirmbloatbust4783 2 isn't much of a problem in my opinion. The k-anonymity implementation was suggested by CloudFlare due to the bandwidth usage - you literally have everything from password managers to UK government departments all using the same API.
Passwords are also not unique - my weakest password is (to paraphrase) randomstring1 and the next number in the iteration has been leaked (as have some in the 80-99 range - birth years) even though I've never used them.
CloudFlare have probably seen most of your passwords anyway as they are the biggest CDN, and most partial hash lookups don't end up going to the origin server because of k-anonymity and aggressive caching.
That just leaves trust in the frontend of whatever is using the password API v2, and TLS stack/library/protocol.
Also, haveibeenpwned doesn't make the data available to link breached accounts with leaked passwords. If you are concerned about the origin server knowing who you are based on password lookups that return positive results, we are talking about a database built from data breaches that contain your e-mail addresses and passwords. If you only have one e-mail address, it'd be a waste of resources for the API to link passwords to it based on password lookups because the service could have used the data already available.
@@mirmbloatbust4783 i don't know much about cryptography but iirc sha1 hashes are "random" so the first part should not allow them to get the first part of the password.
His explanations are truly great. Such a good teacher.
I checked, the password "computerphile" occurs one time in the pwned password list! Why? Who? What!
still waiting on numberphile though.
It's obviously Sean's password for the Computerphile Google account
And also how is it working like how did only one person think of this
@@OrangeC7 only one that got leaked - there might be hundreds of others USING that password. ;-)
maybe that person didn't know about the computerphile channel and thought they were being clever inventing a word?
The first thing I did once I find out about this website was to inspect all js to figure out what heck it was doing with the passwords.
Got really impressed! Kudos
Great video. Not nearly as dense and dull as lectures, still informative, and actually entertaining and easy to watch.
The out-take is great xD
I love this guy. Please do more neural network videos with him.
"password" has been leaked 3,645,804 times.
I will not fall for the same mistake as others have! I will use "wordpass"! No one can ever guess!
@@marekmichalovic8711 , we need more smart people like you.
How often has "has been leaked 3,645,804 times." been leaked?
@@FirstDagger That might have been a decent password until you wrote it
And "123456" like 23 million. Taking a positive angle, if there are 3 billion people on the internet, that's only the dumbest 0.5% (taking into account duplicates and troll accounts).
So if I need to sell stolen password data do I go to the Pwn Shop??
I'll see myself out
E- auto @Cadde correct
I’ll get me coat.
Pwn is a correct word, pwne is not.
@@RealCadde
I know, derrr
Noted, amended
That's already a deep web blackmarket site
This guy is awesome. I knew all this stuff already yet I still was entertained!
Mike's videos are the best ones.
Alright fine, guess I'll change my password to iLoveYouMike
iLoveYou*Mike
iLoveLamp
@@brokentombot I see what you did there 👨
@@mikejohnstonbob935 make sure to put the symbol in the middle of the word, instead of between words!
Glad you guys mentioned this site, it's rad 😊
I love this channel especially the vids that involve security
Yet another great, clear and concise video. Thanks
8:53 - not all are publicly available, some are from private breaches which have been given to Troy
What exactly is a private breach in this example? Did the perpetrator break some site and then give Troy and ONLY Troy their ill gotten loot? If the site owner gave the list of exposed data to Troy then in all probability that data is in the wild and may be being traded on exclusive forums, but in that instance it is only a delay to wider public dissemination.
I actually knew about this! Huge fan of this approach. Have gushed about it to some coworkers.
That git repository is a treat. The same program implemented in multiple languages: python, go, haskell, julia (I don't even know what that is), bash and perl, the last being my comfort zone. So now I have all these examples with which to compare and contrast. Very nice. I'll skip the java and powershell if that's OK.
Happily, all the passwords I tried passed. My trick is I use my social security number as my password for everything. That way, when one of those sites gets hacked, they'll have everything all in one go.
correct horse battery staple.... instant facepalm hahahaha.
It's amusing that Munroe's counter-example for a bad password (Tr0ub4dor&3) in *not* in the pwned list...
@@foo0815 xkcd is known for information warfare.
@@foo0815 His reasoning is quite sound though. If you can't remember the password, you might as well not have a password. Try that principle with other words in that database.
Tip: use a word that's not in the dictionary (and not in use in general) in the password, that you can actually remember. (ex: "fortify persident campaign etchings").
And put your choice of easily remembered special characters in there.
@@Reelix That's why you should just include one word that's not in the dictionary.
Xileer Torias No, the point of the approach is that you calculate the entropy given that it is in a dictionary. Of course, partially deviating from the pattern by adding a non-word or special characters in the middle will still make it even stronger.
Oh, that's a really elegant solution! I like it.
Extremely useful information! Thanks for making this video
From time to time i come back to this video for some entertainment
There's a problem using the command line as shown in this video: it will appear in your shell history and for a split second also in your list of current processes.
The best way is to have to type your password interactively.
Also careful not to do it in the interactive Python REPL. I noticed Python 2.7 on my system has no history, but Python 3.5 and Python 3.7 both have a history. Read STDIN and type password in via request from STDIN. No shells, no REPLs, no pipes!
The only secure chip is one you build yourself.
Someone pull requested my github to fix this already! You're absolutely right, it wasn't ideal what I was doing.
Have you ever heard of sarcasm?
@MichaelKingsfordGray What! Use your real name? You would go through all the trouble to make a secure chip for a password and then give your real full name out on the internet? *facepalm*
Troy Hunt's API is absolutely awesome. He also gives love to all the developers who use it to build applications by posting links on the website.
Of course Mike's code is in the doobly too. Legend
So much value in less than 11 minutes, and 100% accessible to anyone who knows python isn't just for snakes.
Hi. Love your content.
This question might seem a bit off topic, but since you like to look at things from a different perspective, I think you might have an interesting opinion on this:
I have been looking into amateur music production lately and I found out that sound cards in laptop is just not a thing. Which really surprised me. But I got to think that with the help of graphic cards you should be able to model oscillators properly and therefore I figured there should be a way to use one's graphics card capacity for sound rendering?
I love all Videos Mike makes to computerphile, I wish I could meet him!
I've been pwned endless times lol
This is also a good way of finding out where other people have been signing up 😉
Is this safe?
Found this API about two months ago and immediately implement a script that goes through every password in my password manager and checks it. Super handy tool, gotta give it to them. (All my passwords turned out not to be in there, but you never know. Though, if a password does get compromised, it's not a big deal for me, anyway, since I don't reuse passwords)
Bloody beautifully explained
Thank you for making useful vids. I will be using your code at home and work right away. I also love that you use python. I have learned much from reviewing code that you've offered. Cheers!
Thanks for posting this, now I can link this video to people who think I'm trying to hack them, when I link HaveIBeenPwned
regarding bad practices people do with well intended info from these videos, I know its just a demonstration but I'd still like to point this out.
if you were to use some small commandline utility you threw together yourself to check your passwords, like in the video. they'll end up in your shell history(every command you ran goes there for a while) which is just a plaintext file. Effectively undoing the whole point of an encrypted password database.
cheers
CK You can put a space before the command and it won't store it in the history
export HISTIGNORE='[ \t]*'
Then put a space in front of any command you don't want in history.
Probably doesn't save you from audit log, though. Don't let people read audit log.
@@gyroninjamodder TIL. Thanks!
Thanks for pointing this out - I did eventually upload my code to github and someone already put in a pull request fixing this :)
That's actually pretty useful, thanks!
One thing to keep in mind with using that python script is that you are probably storing the password as clear text in your command history.
Add a space before the command to omit it from bash history, or better yet, use the getpass python library.
Thanks for sharing this tip. Super useful!
Excellent presentation!!
I like how he laughs for like a fraction of a second then starts talking seriously. It’s very funny lol
It’s also fun to go onto the password site to find all the horrible phrases people have as passwords that have been pwned
If you are very paranoid you can always just download the pwned passwords list and write some code to do it all locally. On the plus side, you'll learn how to search through a 22+ GB file quickly!
Multi-threading!
Was fun to work with the 1TB leak few months ago to create an alphabetically ordered password list of all the unique passwords, followed up with the number they were encountered in it. Would have been swell to do that on a SSD and more memory than 4GBs in hindsight. :P
@@dustysparks No need to multithread, just have the file organised alphanumerically and do a binary search.
If the file is already sorted, then it will be extremely easy and fast to search it, even on a slow system with slow I/O. No need for multi-threading or anything special.
seek into the middle of the file, read until a newline is found, see if the hash is less, equal or greater than the searched one... depending on that check you search the part before or behind the current position. Its just a binary search. This could be done by hand.
If the file isn't already sorted, then fast hardware (a computer) could be useful. If only one hash is searched, just use "grep completehash pw-hash-list.txt", grep uses a quite fast algorithm (boyer moore) to find a word in a large amount of data.
If the file isn't sorted and many hashes should be checked you need a lot of ram and a program called "sort", just sort the list and use the second mentioned method. ;)
There is a version sorted by hash which is of course rather fast to search through (and more easily compressed to boot)
"correct horse battery staple" was compromised? Time to change to "incorrect horse battery staple".
Too bad it's already pwned too. :/
I like that you make your notes on tractor feed paper
well it is nice to know a bit more about the "Have I been Pwned" site... even if i hear it is safe i would rather have multiple sources of trust to confirm... even tho you are the second! (the other was a PC security channel that tests antivirus programs)
Those buttons are amazing. I spent far too much of this video looking at those buttons.
I enjoyed the Hackers reference at the end
Thank you for this video. I have now changed my password from iloveyoukate to iloveyoujan. Now I can rest easy.
Great Hackers reference!
So helpful. Thank you.
I love this
FYI, you can get part of your password sha1 hash without displaying it in the terminal (for the paranoid):
read -s p ; echo $p | sha1sum | tr [a-z] [A-Z] | cut -c 1-5
great video again !!! can you make another to explain the spoofing; like when we receive mail from your own adress...
Simply amazing
Great video 👍
Mike, talk to us about AES. I know that deep down, you have an urge to do so!
Nice video as always. Why were you using duckduckgo though?
My passwords from when I was a kid have surprisingly never been cracked. I'm shocked.
no one wants to hack your roblox account dude
never been leaked or never been cracked? there's a difference
There is a chance that someone have your pass but didn't make the database with it public nor shared with Troy Hunt (haveibeenpwned guy)
What was it?
mine have
MORE MIKE POUND
Bitwarden password manager also has a password leakage detection built in.
urmom : 6367 times
urmom1 :12626
This was true for many passwords. It seems adding a 1 at the end of a password might actually make it less secure.
"urmom" is only 5 characters. I guess most people would use at least 6 characters.
@@sieevansetiawan4792 More sites are expecting a number and capital letter as well. Easiest way to do that is to add a 1 at the end.
A ressource of the code used in various videos would be nice :)
1) Hash in sha-1.
2) Request the appropriate address.
3) Cross the list to search for a match.
4) Output the result.
You should not trust anyone and do it yourself. Time to learn how to code ?
hurktang if you can audit the code there’s nothing wrong with using someone else’s
I've also written my own version. It supports checking multiple passwords with a file: github/lukas-dachtler/pwned.py
If you give me a list of all your passwords I'll check for you. 😎😎
@@hurktang "various videos", not necessarily this one. This one is fairly easy to replicate :)
One "strong password" (459 matches for strongpassword) technique folks use is to choose the first char of a series of words from a song. The results for "Jumpin' Jack Flash it's a gas gas gas (jjfiaggg)": 56 matches. For the typing class phrase "The quick brown fox jumps over the lazy dog (tqbfjotld)": 956 matches. (Yes, I know computerphile (1 match) recommended adding special characters to such a PW, so, "jjfiaggg!": 1 match :) ). Golly (541 matches) it's fun to guess the cleverest (90 matches) passwords, like "iamclever": (164 matches) but "youareanidiot" (57 matches) and hit this range API with my little golang (24 matches) script. And thanks for introducing me to k-Anonymity (0 matches!!), neat!!
jjfiaggg is a bit too brute forceable.
might as well go for longer songs
ittrlitjfcialnefr
or
talwsatgigasbasth
There would be people who could figure these out from that alone but for everyone else
They are very long popular songs by Queen and Led Zep
Great job. Thaks!!!
so how do you work out diacritical marks / accents? I am cheking Polish for password (hasło) and I get 0 matches even if I enter it on /password site directly.
Now, if only we could convince websites to refuse new passwords / password change requests that appear on these lists. Then, after that, we might be able to convince websites to use bcrypt, and increase their maximum password length such that correcthorsebatterystaple could actually be used if it wasn't already disclosed and prevented by step one.
Yeah that would be great. However website owners wants as many users as possible. If the user find it cumbersome to sign up, the website might loose that user and potentional revenue. We would practically have to make it punishable by law to use crappy passwords.
@@Baxtexx Carrying the death penalty for that particular genepool.
Thank you, my email has been pwned.
Every video this guy makes, a password dies.
Nice one chaps
I loved this
I don't know if this is too specific, but could you do a video on the ghidra tool the nsa released?
They might not want a backdoor on their systems
@@micr0xchip0xverflow6 Fair enough.
@@bluryourfaceoff lol, unconfirmed but it does need Java 10 which I know has a zero day in it that I'm not sure was patched. A few newer versions came out though
Thumbs up, if you're a developer who salts passwords. This makes one of several examples for why salting is important :)
I'm sure there are people who use salted plaintext passwords... Always assume the worst, don't trust anyone. ;)
That's also outdated. Salting is not enough in the slightest. Use bcrypt or pbkdf2. See Tom Scott's video about password storage.
@@joonasfi Are you saying bcrypt(password) is just as strong as a bcrypt(password + salt) ?
salting? (What is this? Security for ants?) argon2 then scrypt then blowfish then bcrypt. (I doubt all four have been compromised at this stage.)
@@recklessroges "In cryptography, a salt is random data that is used as an additional input to a one-way function that "hashes" data, a password or passphrase."
He uploaded this the day my account got compromised.
Oof
Decided to go to haveibeenpwned and search my main 2 emails, and I’ve been Pwned on both. Guess I’m creating a new identity and moving to the other end of the earth.
I'd love to tell you just how great my password is, but then I'd have to change it, so just believe me.
I've already seen it. You should change it as you've been using it for far too long.
Is there a repository where he uploads the code so we can take a look at them?
I know computerphile is hosted by a different person, but it feels strange to not hear Brady's voice behind the camera
i use a 240+ random character master password for my most secure stuff, which i painstakingly generated by using 8 randomly generated access point keys and then jumbled it some, then after memorizing the whole thing, i broke off sections of it, 8 to 32 characters long depending on how secure i need the password to be, for example, forums, chat, and other minor accounts that don't expose any personal or financial information only use 8 characters, financial passwords, email, and other accounts that do expose financial or personal information use passwords from 32 to 64 characters long depending on how important the account is. That way, i only have to remember one password (master) and then, for each account, i only remember what i call the "association" (where in the master password do i begin, which direction do i read it, and how many characters do i use for each account). i guess the big security flaw inherent is that, because the passwords are sequential (but random direction) if my master password leaks it basically becomes a whole dictionary entry, which is why i don't use it online and instead use it for disk encryption
Time to pump out a video about how to go mfa or use a good pwdmanager.
Is it possible the API returns only the remaining of the hash to ensure that even if that list was somehow intercepted it is of no use without the prefix that was sent over https?
10:01 i love the pure disappointment in his voice
I know it seems radical but its about time we just get rid of passwords. Any time you type in a password its a liability that it will be recorded or compromised. Using your phone as authenticator is great. If your phone gets stolen you just have to remove it as an authenticatior. If you want to have some time so the thief can't immediately get into your accounts add a phone lock with pin or fingerprint. While these methods are not super hard to crack it'd still take hours to days. Phones can also be remote locked and easily deactivated. The only problem is there's no universal or standardized way to authenticating this way.
How do you authenticate yourself to the system that lets you remove your phone as an authenticater? I agree that there are lots of problems with passwords, but it's very hard to find something that can fully replace them. People have been trying for decades.
@@superfluidity There's no way to revoke who has access to your password except to change it. When you make an account it authenticates to that device like your desktop from there you can tell a website to authenticate with your phone. As a backup you can use a public key stored on your desktop or on a usb key to do management like locking all authenticators.
dsenti may just be on to something. If you take the SHA-1 hash of Dr. Mike's example - be it password1, or Password1, or password 1, or Password 1, the hash doesn't start with FA2241C. And if you use cURL to input any of those actual hashes into the website, it doesn't return ANY corresponding leaked hashes! Of course, the hash depends on SO much more than just what the password is - like the font you use, whether it is ASCII or UTF-8 encoding, whether you create the password in Notepad vs. Wordpad vs. RTF vs. MSWord, etc. and probably a hundred other things. Which renders the whole exercise of hashing your password yourself for submission rather pointless. Or worse, it lends a false sense of security when no hits are returned. So you're really only left with the option of typing your password into a random box on the internet. I think I'll give it a try it right now - NOT!
Fun fact: his e-mail address from Nottingham University (which can be found easily by searching on internet) is also on the pwned list. :)
I was in the process of checking "correct horse battery staple" when he said to try "correct horse battery staple". :D
Hi!
Why you use only sha1 when calculating hash?
Not all cracked companies use this algorithm to protect your passwords (also sha256, or pbkdf2 with sha256 and salt (and pepper maybe)).
Using sha1 in example script is about common use case? Or I missed something?
Thanks!
How secure would the hash (or subsection) of a popular password be?
Checked it out - turns out I've been pwned on one of my emails... Good thing i have good password practises...
it blew my mind that correcthorsebatterystable is now a used (and leaked obv) password :D
staple! :D
i get a name error : "module not found error" is not defined. what can i do about this, sorry i'm a noob at this
How often do accounts get broken into by some brute force attack? Probably often when people use passwords like "password1" but for uncommon passwords? Not that often. If the website or whatever you are using hasn't put in some defense against brute force attacks then their security is likely lacking in many other areas so using a 20 random characters wouldn't offer you much protection.
Can u explain how Content ID, Fingerprints and similar Stuff on Audio and Picture Works?
so if I wanna check my password with this python file, then lets assume that at first the password was not found, but if I run it again the ocurrence is 1? So this means we should not use this api because it stores my password into the DBASE of pwned?
What's your stance on password managers in the cloud such as the mentioned one password or dash lane for example? So many people seem to be using one of these kind these days, but I'm still very sceptical.
I think the reputable ones encrypt/decrypt client-side using a master password. If they also use your master password to login, I believe what gets sent to the server is derived from a hash of the password, not the password itself. Though this does mean you should be extra careful choosing your master password.
Xevailo at least use keepass or better while you do your own due diligence.