June 7, 2012 at 3:53 PM ET
With LinkedIn, eHarmony and Last.fm all investigating password leaks, the author of a popular password hash algorithm is urging websites that have more than 50,000 passwords to stop using his program, known as md5crypt.
"The md5crypt password scrambler was created in 1995 by yours truly and was, back then, a sufficiently strong protection for passwords," wrote Poul-Henning Kamp in a blog post Thursday. "I consider it no longer safe for any use."
Since 1995, increased computing power means the algorithm is as "prone to brute-force attacks as the DES-based UNIX crypt was back in 1995: Any 8-character password can be found in a couple of days," the Danish software developer wrote.
Such brute-force attacks may be what happened at the three social sites. While none of them has gone into detail about the incidents, Kamp put out a plea to other large websites to discard his widely used password algorithm, which he says has outlived its usefulness.
"As the author of md5crypt, I implore everybody to migrate to a stronger password scrambler without undue delay," he wrote.
Chet Wisniewski, senior security advisor at Sophos, told msnbc.com that MD5, as it's also called, "has been known to be weak for almost 10 years and should never be used where security is concerned."
Cameron Camp, ESET security researcher, said that MD5 "encryption, and cryptography in general, has always been a game of leapfrog, where the complexity of encryption is related to the power of computers used at the time — get faster computers and you can use/break more complex cryptography."
The "catch," he told msnbc.com, is to "create steadily more robust cryptography that's still usable in a password context on a busy website. If the website software has to spend too much time/resources verifying your password, the system will seem slow to the user. This is especially true when the user may be one of a vast pool of total users, where the system has to search and verify quickly, as in LinkedIn's case."
Camp says by "salting, or adding a few extra characters to the mix as it gets encrypted, it makes decryption much tougher. So now, more advanced cryptography like Blowfish and/or SHA-1 will need to be used to 'raise the bar,' especially when used with salting. And in a few years we will need still more complex cryptography to slow/stop the next generation of password crack attempt."
Paul Kocher, president and chief scientist at Cryptography Research, told msnbc.com the LinkedIn breach of what may be 6.5 million passwords "was particularly bad because, when they hashed passwords, the only thing that was included in the hash function input was the password itself. They didn't include anything specific to the particular user."
As a result, he said, "it's possible for an attacker to hash a candidate password, then check whether any user matches the hash. This means that the password cracking process can be run in parallel for all users at once."
LinkedIn, he said, "happened to use SHA-1 for the hashing, but the failure to include an entry-unique value — a 'salt' in crypto-speak — is independent of the choice of hash function. They also used only a single hashing operation and allowed users to pick weak passwords. As a result, hackers have been able to recover the majority of the passwords in the compromised LinkedIn password hash file."
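The storage weakness Kocher describes can be seen by comparing what lands in the database under each scheme. The Python sketch below is an added illustration, not code from the article or from any of the sites named; the account names, passwords, iteration count and the choice of PBKDF2-HMAC-SHA256 (picked only because it ships in the standard library) are assumptions.

```python
import hashlib
import hmac
import os

# Constructed sample accounts; two users happen to share a password.
USERS = {"alice": "sunshine1", "bob": "sunshine1", "carol": "c0rrect-h0rse"}

ITERATIONS = 200_000  # assumed work factor; tune to your own hardware


def store_unsalted(password):
    """The scheme described above: one SHA-1 pass over the password alone."""
    return hashlib.sha1(password.encode()).hexdigest()


def store_salted(password, salt=None):
    """Entry-unique random salt plus many iterations (PBKDF2-HMAC-SHA256)."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify_salted(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)


def distinct_records(records):
    """Number of different stored values across all accounts."""
    return len(set(records))


unsalted_db = {user: store_unsalted(pw) for user, pw in USERS.items()}
salted_db = {user: store_salted(pw) for user, pw in USERS.items()}

if __name__ == "__main__":
    # Unsalted: identical passwords collapse to one stored value, so a single
    # hash computation is comparable against every account in the file.
    print("unsalted distinct:", distinct_records(unsalted_db.values()))
    # Salted: every record differs, so a comparison has to be recomputed per
    # account, and each recomputation costs ITERATIONS hash passes.
    print("salted distinct:  ", distinct_records(d for _, d in salted_db.values()))
```

The login path only changes in that the stored salt is read back and passed to `verify_salted` alongside the submitted password.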
In the meantime, while you may not be into cryptography, you can learn more about what to do — and not do — when it comes to choosing passwords. Check out Red Tape's "30 dumb passwords people still use."