Some of you may have seen my tweet late last night around midnight that I received a cryptic email an hour or so earlier from Formspring, a service that I once used to help answer other people’s questions, saying that they were requiring a password reset upon the next login. No real explanation as to why, as you can see in the email screenshot below, but I just figured they had a password breach. Sure enough … a quick scan of the news this morning and I came across the story on CNET below mentioning that over 420K password hashes showed up in an underground forum.
Note: As far as I can tell, I haven’t found any links to the hash dumps yet, but I’m sure they’ll turn up soon.
Update 5:00 PM: So far still no hashes… Reports are that it’s just the hashes though … no emails, usernames, or otherwise.
Update 7:00 PM: @unlockedwheel pointed me to a “**possible**” hash dump. He isn’t sure if it’s the real thing, but he’s been cracking “something” for the past few hours. According to his tweet – “looking at the passwds already cracked it certainly calls into question value of passphrases from this dump.” Check out the dump he pointed me to (txt). Alternatively, I’ve downloaded and scanned it and no baddies were detected. It has 419564 hashes and is about 27M. You can download the scanned version here.
Update 8:00 PM: According to local password cracking guru @pwcrack, the file we previously linked to seems legit. The lines appear to alternate between the salt and the password hash. But that means this file only has about 110K passwords then. I guess this makes sense since the file name was “part1.txt”.
Update 9:00 PM: Interesting developments over the last hour … plus some stuff I forgot to include in some of the previous updates. Apparently, the alternating theory was wrong. @pwcrack was trying to figure out what the salt was and @unlockedwheel noted that it’s included in the hash file. Apparently, one configuration for SHA-256 is the first 224 bits being the hash and the last 32 bits being the salt used with the password to create that hash. In scrolling through the password file this appears to make sense, as the last 32 bits seem to be sorted in ascending order. Also, in a previous post @unlockedwheel noted that the particular forum thread related to this dump was started on 7/6. This coincides with another report I’ve heard from @t3l3fl3ct0r.
Update 10:00 PM: @t3l3fl3ct0r followed up mentioning to check out a particular forum. @CrackMeIfYouCan (i.e., the creator of the Defcon password cracking contest) tweeted “Someone posted 400,000+ SHA256 hashes” on 7/6 with a link to a forum post. Unfortunately, that forum topic doesn’t seem to exist anymore, but the Google cache of it is still there. Of course there are only three posts in the cache (all from 7/6), but there is a link to the original dump (see above) as well as more links to partially cracked results here and here. @unlockedwheel mentioned that as of two hours ago that thread was still up.
Update 11:00 PM: Some more interesting updates as the night continues… @digitalsec4u pointed out that the poster of the original dump to InsiderPro.com is also on Hashcat.net’s forum. They seem to have joined Hashcat just the day before they posted the password dump on InsiderPro. On InsiderPro they’ve been a member since 2009 though. Here are their profiles on InsiderPro and Hashcat for those that are curious. Also, after much discussion @unlockedwheel finally convinced me that the 32 bits on the right of the dump that seem to be some type of counter are really just a fluke. The real formula basically boils down to “sha256[(00-99)+($password)]”. As an example, use 94 for the salt and “dancer4life” as the password and use that hashed result to search through the dumped hashes. So yeah … Formspring claims to use random salts, but in reality it just boils down to two digits from 00 to 99, or 100 possibilities. That’s pretty weak… And they’re only doing one iteration apparently.
Reading a little further on Formspring’s related blog post, the good news is that all passwords were salted using SHA-256. Hopefully they were using unique salts per user as well… This is much better than the SHA-1 previously used at LinkedIn; however, weak passwords will still most likely fall fairly quickly. And effective immediately Formspring is upgrading the authentication algorithm to bcrypt, something we’ve discussed before.
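To make the 11:00 PM finding concrete, here is an added example (my code, not Formspring’s) that mirrors the “sha256[(00-99)+($password)]” scheme described above, shows why a two-digit salt caps the work needed to test one password guess against the whole dump at 100 hashes, and contrasts it with a per-user random salt plus an iterated KDF. PBKDF2-HMAC-SHA256 stands in for the bcrypt Formspring is moving to because bcrypt is not in Python’s standard library; the dump entries are constructed, not real leaked hashes.

```python
import hashlib
import os

# The scheme as described in the post: single SHA-256 over a two-digit
# salt prepended to the password. Only 100 distinct salts exist.
TWO_DIGIT_SALTS = [f"{i:02d}" for i in range(100)]


def formspring_style_hash(salt: str, password: str) -> str:
    return hashlib.sha256((salt + password).encode("utf-8")).hexdigest()


def match_weak_scheme(dump: set, password: str):
    """Return (salt, digest) if any of the 100 possible digests of one
    password guess appears in the dump, else None. The loop is bounded by
    the salt space, not by the number of users in the dump."""
    for salt in TWO_DIGIT_SALTS:
        digest = formspring_style_hash(salt, password)
        if digest in dump:
            return salt, digest
    return None


def hashes_per_guess(n_users: int, distinct_salts: int) -> int:
    """Hash computations needed to test ONE candidate password against every
    user. Per-user random salts make this grow with n_users; a shared pool
    of 100 salts caps it at 100 no matter how many accounts leaked."""
    return min(n_users, distinct_salts)


# Corrected form: 16-byte random salt per user and an iterated KDF.
# PBKDF2 is a stand-in here for bcrypt (an assumption, not Formspring's code).
ITERATIONS = 100_000


def strong_hash(password: str, salt=None):
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_strong(password: str, salt: bytes, digest: bytes) -> bool:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS) == digest


# Constructed sample dump using the post's own worked example (94 + dancer4life).
SAMPLE_DUMP = {
    formspring_style_hash("94", "dancer4life"),
    formspring_style_hash("07", "letmein"),
    formspring_style_hash("42", "correcthorse"),
}

if __name__ == "__main__":
    print(match_weak_scheme(SAMPLE_DUMP, "dancer4life"))
    print(hashes_per_guess(420_000, 100), hashes_per_guess(420_000, 2**128))
```

Run as a script it reports the salt 94 recovered for “dancer4life” and prints 100 versus 420000 hashes per guess for the weak and the per-user-salted schemes respectively.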
Assuming that Formspring just found out about this breach yesterday, I say bravo for them responding so quickly. Yeah, the cryptic email could have provided some more info rather than having to wait until this morning’s news skim … but still. Additionally, they seem to be fairly transparent and responsive to users’ concerns, based on the company’s comment participation in their breach announcement post as well as in their support forums. My only concern is that after the recent debacles at LinkedIn, eHarmony, and Last.FM you’d think companies would be racing to implement bcrypt or similar algorithms.
Formspring has suffered a security intrusion in which some of its user passwords may have been breached, the question-and-answer site warned today.
Formspring, which said it only learned of the network intrusion this morning, responded by disabling all users’ passwords.
“We apologize for the inconvenience but prefer to play it safe and have asked all members to reset their passwords,” Formspring founder and CEO Ade Olonoh said in a company blog post. “Users will be prompted to change their passwords when they log back into Formspring.”
A Formspring spokesperson told CNET that the company was tipped off to the breach by someone who spotted about 420,000 passwords posted to a security forum that appeared to come from Formspring.
So what do you think of FormSpring’s response? Happen to have a link to the password hash dump? Let us know in the comments below. Today’s post pic is from AdeMagnaye.com. See ya!