Turns Out Ashley Madison's Uncrackable Passwords Are Actually Very Crackable

By Gizmodo on at

It was little solace to victims of the Ashley Madison hack that the company had kept their passwords extra secure. Some even said the hashing algorithm was bulletproof. But—oops!—it turns out Ashley Madison made a programming error. And now, hobbyists have already deciphered over 11 million passwords from the leaked accounts.

A team calling themselves “CynoSure Prime” just figured out a couple of flaws in the hashing algorithm that enabled them to crack millions of passwords in a matter of days. It had previously been believed that the supposedly super secure hashed passwords would take centuries for even the fastest computer to crack.

Now, the research team will ultimately be able to decipher some 15 million Ashley Madison passwords. Here’s hoping they don’t release them to the public. [Ars Technica]