Experts React: RockYou2021, Largest Password Leak

By   ISBuzz Team
Writer , Information Security Buzz | Jun 10, 2021 03:28 am PST

BACKGROUND:

It has been reported that The world’s largest password collection was posted on a prominent hacker forum. A member submitted a 100 GB text file containing 8.4 billion passwords, most likely compiled from previous data breaches and security breaches, according to Cyber News.  The creator of the post claims that all passwords are between 6 and 20 characters long, with all characters non-ASCII characters and white spaces removed. While the author claims that the text file he provided contains 82 billion passwords, tests by CyberNews show that the actual number of passwords is almost ten times smaller at 8,459,060,239 unique entries.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Steven Hope
Steven Hope , CEO and co-founder
June 10, 2021 11:30 am

<p>While this breach is being coined the biggest password breach ever released, some important facts are being glossed over. Specifically, the fact that RockYou2021 is simply a list of passwords. No other personally identifiable information has been associated with the dump, rendering it completely useless to cybercriminals. </p> <p> </p> <p>However, to avoid passwords being leaked, websites should never store user\’s passwords in plaintext on their servers, but rather as a hash. This converts a password into a sequence of unintelligible characters; therefore, if the website is ever breached, attackers would be left with a meaningless hash code, making it almost impossible to determine a user’s password.</p>

Last edited 2 years ago by Steven Hope

Recent Posts

1
0
Would love your thoughts, please comment.x
()
x