Hotmail: Your password was too long, so we fixed it for you
Earlier this year, about 6.5 million LinkedIn account password hashes were published on a hackers’ forum. The hashes were simple SHA1 digests computed from the user’s passwords, as stored into the LinkedIn backend infrastructure.
It didn’t take long for hackers to start cracking them, with over half of them cracked in almost no time.
There are two main reasons why such fast cracking was possible:
* the usage of the SHA1 function itself * fast GPUs
Let’s take a look look at both.