Password Cracking - Computerphile
ฝัง
- เผยแพร่เมื่อ 12 ก.ค. 2016
- 'Beast' cracks billions of passwords a second, Dr Mike Pound demonstrates why you should probably change your passwords...
Please note,at one point during the video Mike suggests using SHA512. Please check whatever the recommended process is at the time you view the video.
Here's a look at 'Beast': • BEAST & The GPU Cluste...
How NOT to Store Passwords: • How NOT to Store Passw...
Password Choice: • How to Choose a Passwo...
Deep Learning: • Deep Learning - Comput...
Cookie Stealing: • Cookie Stealing - Comp...
/ computerphile
/ computer_phile
This video was filmed and edited by Sean Riley.
Computer Science at the University of Nottingham: bit.ly/nottscomputer
Computerphile is a sister project to Brady Haran's Numberphile. More at www.bradyharan.com
that awkward moment when you see your password...
shhhh
which one was it?
Do you love Kate too?
Lemme guess qwerty ? Lol
siksreik heh heh. I saw that
"We don't store passwords unencrypted in a database because that's a terrible, terrible idea."
You would be surprised.
Facebook XD
@@mohnishkumar i was going to reply that too XD
@Kappa Chino thought so too. Hashing is irreversible.
Password Managers
RacingAtHome the more you know
Q: What are you using the graphics card for?
A: Well -- terminal apps.
alacritty users using an opengl-accelerated terminal so the cpu works less
""iloveyoukate" 14:46 he's risking his accounts for you kate. I hope you guys didn't split up 😂
I was going to comment the same thing
that guy was not keeping password for sure. he was feeling emotional while doing whatever he was doing. Emotions = Hacked.
Kate doesn't even know he exists.
It is Kate herself, advised by some shrink.
The "iloveyoukate" virgin vs the Chad "freakpower1"
My password is unbreakable because I'm using my name followed by the digits of pi. All of them.
an unending password? youre gonna crash the db~ space limit
clever boy
Well not hashable. Nice try
Big brain time
big brain
I'm surprised that Tobey Maguire knows this much about hacking...
I thought he was Elija Wood
Well you see... After he lost the role as Spiderman, he had to get a new job. So he became Hackerman :)
He did stay a long time on the web though
sirdeakia
Underrated comment. Why didn't people get this? It's gold.
I know for sure in that bag with the english flag there's his Spiderman outfit!
It would be interesting to revisit this topic and see how things have changed in the past 6 years.
Can you suggest me any such videos
For one thing the 4x Titan X GPU he has are are roughly equivalent to an RTX 4070 which is a ~$700 GPU. The modern equivalent of his system (say 4x 4090) is around 50 time faster than his system.
Wait really? @@mully006
I love how the videos have this 'unscripted' feel and they feel like they're real conversations
Password dictionary:
1. password
2. user
3. correcthorsebatterystaple
@@rabbabansh I am not and I don't get it.
Wow
@@johnlucas463 there is a relevant xkcd
hunter2
my password: J1bbbbberb0y418
computer took about 1 second to look through about 40,000,000,000 hashes
10:13 human took about 1 second to multiply 26 times 2
Well, that's not a very fair comparison, is it? Computers are, at their core, all made for mathematical functions. Humans, on the other hand, are not. When it comes to "close enough," humans are generally better.
@@uniqueusername_ Oh really? I thought i could run through a 40bil database that is stored in my head. *Heavy sarcasme.*
Remember it was built by human
uniqueusername_1024 R/FUCKINGWOOOOOOOOSH
@@uniqueusername_ r/whoooosh
Back in the day, this video (along with your "how to choose a password" video) taught me a huge amount. I think an update could be very valuable for many people. It seems that Lastpass recently lost password vaults for millions of people, which I think will create a lot of interest in this subject.
Pausing at 16:38
ma man had a freaking HEX Code as a PW and still got cracked.
ahahhahahha damn this guy is so funny and smart. mad respect to u mike.
RIP, that’s rough
That's not a hex code he set as a password. That's just the program not being able to display the special characters. If you convert the hex code to to ASCII, the password is "kindé"
@@gchcom6902 oohh thanks for that.
That doesn't seem like it would be very hard to crack. The character set is just 16 characters. If the person thought he was being clever, there's could be 10 million people who had the same idea and the cracking software has seen it all before. It's probably not much harder to crack than 12345678.
I just assume I'm never going to come up with some clever password trick that at least 1 million human beings haven't already thought of.
@@gchcom6902 My guess would be kindé (using utf-8)
Love this guy. He should be teaching.
+Max Musterman he does, at The University of Nottingham ☺️
That's it, I'm transferring.
Agreed.
Paused the video just so I would say the same thing!
Not to mention right here :)
So you're saying pA55w0rd is not a good choice?
Michael Burke no, try password123
123456 takes the longest to crack
99999 or zzzzz depending on the algorythm
*hacker voice*
I'm in
10^6 combinations (?)
Mike: "So if your password is 6 characters long, its being cracked right now, and its being cracked quickly"
Me:
🤣🤣🤣
What's your password?
thanks just bought some pizza pans from amazon
My password with 6 characters: *sweating profusely*
My password with 31 characters: *hah, mere mortals.*
My password is 7 characters long, so take that hackers.
14:47 'ganjagoblin'
best password ever, even if it shows up on the cracked list 😂
420
Ganja means bald in hindi, so might be the reason
I cracked up when camera focused on that on screen - glad you highlighted it 😀
@@Gamer-uf1kl it also means weed or heroin, not sure which one.
@@arpitpatel5312 cannabis/marijuana
kate i think your boyfriends pass is hacked
yeah lol
Oh no not his boyfriend's.. His secret admirer's
+Attila U Random characters letter and symbols. around 30+ of them.
+Attila U well I was in a house were the password was something like this: 9684263675467468447836794598211636063674678
only the length is the same but I think it is hard to crack
Mine is something like this
5927592058295712395736189037483194721948271930183
49 random digits.
Really good video dude. No silly music or fast cuts and no annotation spam on the screen, subscribed.
I think a lot of video editing courses encourage people to do the music thing. Dude I am hear for the data above else. Not the music. It gets distracting. Even with a lot of gamer videos. I can not stand it.
You are trying to focus on the tactics and insights. Like studying with the music blasting. Sometimes it helps, but often it is a distraction.
photographer
Bruh just create a python script that encrypts an input and since only you have this encryption system it's very safe
That's why a lot of websites require you to have a special character and a capital letter. The most common way of doing it is capitalizing the first letter and putting the special character at the end though
@@Dtr146 How did you know my passwords!?
my password is L1pZ7z3qy so it's pretty secure, nobody gonna find out
All I see when you enter that is a string of asterisks
Thanks for the revelation.
👌no one will ever now this passwords
if u enter ur credit card number it gets blocked see
**** **** **** ****
@@realszn here's all the number present on my card 54120
this video made me change my password in all my social media accounts, and bank accounts, online games, buy a new house, move to a completely isolated planet and use encrypted network connection that runs through several illegal VPN networks. I am now living happily here in Mars. Thanks.
Nice
I know this is a joke comment, but using an illegal, an "untrusted", VPN is a TERRIBLE idea. You could be feeding your Computer Information to Cyber Criminals by connecting to an Untrusted VPN.
Something worth thinking about for those wanting to go the Cheap/Free route for VPNs.
*Thanks_Turnercyber🙏*
Just for your information, the "Beast" machine may be fast for a regular home user, but it is incredibly underpowered compared with a server-grade solution for compute workloads.
Imagine several racks of servers with 4 cards each. Those are available out there, and regular people can build them too with the right amount of money, or rent time on them for relatively cheap
Fantastic video! Loved it :-) Good to know i am doing my passwords right, different one for every site too!
omg its a wild xisuma comment from 8 months ago!
LOL i love scrolling through random videos comments and just finding a Xisuma comment with only 5 likes (make it 6)
Nice to know that Xisuma watches the same videos as me xD
Wow, I keep seeing you on a lot of videos... lol
Morten lol same
You keep following me around everywhere I go!
Fun fact: The odds of you picking the same password as another guy are HIGHER than picking a username that already exists.
not if my passwords look like siUn$2$8’clwo!&/ienzla!!:&*’eisnJbdKbs&29,£~*£\’Idk&/9
@@Jay-S04 That's been added to the dictionary now
@@Jay-S04 i use keepass, do mine look like that
Not a fact, but closer to a hypothesis
11:41 he just dodged that pop up
Dude.
Dude.
i dont get it ._.
That's pretty meta!
@@brunosteffen8173 The card at the top right pops up at the same time as he moves his head away from it
I didn't know Peter Parker was a damned hacker.
I have a theory: in this Alternate Spiderverse, Peter Parker (by Tobey Maguire) got fed up with chasing low-budget criminals in NY, quit his cr*ppy job and moved into the UK. There he developed an English accent, got a degree (and later a PhD) in cybersecurity to protect his new identity and since he already had close relations with the Web ;) So, this would be the origin story of Dr. Mike Pound
@@usseal922 Ha I only had to scroll 5 comments to get to here. This makes the op fact.
i cant unsee that now
I thought he did web design
Lol
I've learned (or at least read) about a ton of this stuff, and still, I thought it was Interesting to hear you step through a password attack in addition to hearing how modern tech and modern hacking techniques approach cracking passwords. Thank you sir.
Really amazing video and quite informative even for curious dummies like me! Honestly it's just fun to watch the guys talk about their passion and learn a little even if i don't get all the details, but it's worth the effort to understand a little more about the technology we all live with.
You can think of "hashing" algorithms, like MD5 or SHA512, as being a secret decoder ring, like the ones you used to get in a box of Alpha Bits, only a bit more sophisticated.
14:42 "I love you Kate" aww
@@Big_Tex xD
cute
@@Big_Tex and now it's: KateTookEverythingFromMe
Unterarzt update: its how kateijustwantthekidsbackplz
14:18 "I love you Ivan"
Now I kind of want a video about Lastpass or Dashlane and how these password manager are secure (or not). Seems like the logical follow up.
I watched a video from DefCON about this sorta thing and actually they are a 2 edged sword. They are bad because then all the attacker has to do is get your database file or hack your password into the password manager, and good because they prevent keyloggers from getting passwords.
treahblade I guess so
If you use Keepass then you don't have to worry about external security. Only your own files on your own computer. And you need 1 password to be secure. That's it.
I've never used a password manager, it seems illogical to have all your passwords behind one password. And where do you store the master password without needing _another_ password?
Yep
Kind of a disappointment that he never mentioned "salting" passwords before hashing them, which makes this attack completely useless if you dont know what salt was used
And even if you *do* know what salt was used, computing rainbow tables *per user* would take a substantial amount of time for a large dictionary.
you mean pepper.
salt is saved with the hash, so it just slows you down (a bit).
@@_piulin_ A salt wouldn't slow you down if you're attacking a specific user, but it would make the attack difficult to generalize since every user has a different salt and the passwords you test must have the salt at the end.
@@kalebbruwer I know, that's what I meant. If you hacked a server and got the hash file, then it's way slower when it's salted to interpret all the hashes, so you can sell them.
it's been six years. so what hardware is used now? like to see the diffrence
a year late but usually i believe some hackers will buy 4090s with ill gotten gains
really depends on how much money the attacker has
The best hashing algorithm: Google Translate!
Make your password a wikipedia page google translated a dozen times.
RandomCatDude wouldn't work, they update the algorithm too often, those cheeky bastards
No man Google translate just translates
@@randomcatdude only 12times do it 100+times
a dozen of something is 12 of something
Dani Jensen I think everyone knows what a dozen is
ANyone else burst out laughing when they saw someone had used ganjagoblin as their pass?
Your icon almost got me there damn.
it always get me. the worse is the fly one, I don't know if you never saw that, but *DAMN* each time I try to swipe the screen like a fool
+Russell Teapot The spider is facing 45° left, I don't get how it can startle anyone ever since scrolling means it moves upwards diagonally. Won't judge though :/
Well I wasnt scrolling when I was reading the comment but yeah once I scrolled I realized it wasnt real :/
did you see "iloveyoukate" at 14:49?
The video that made me change to a password manager. 4 years later and never looked back. Thanks Mike!
Imagine seeing your password getting cracked in this video...
when websites ask for passwords and force you to fit narrow criteria like "must be between 8 and 12 characters and must contain at least 1 number (with no repeating adjacent numbers) and must contain at least 1 capital and 1 special character" are just reducing the search space for hackers.
but isnt that putting in more variables for computer to check making it harder?
Not really as like he said it relies on use of common words so if your use zWq0£jL3s, there is no logical combination this would occur in words
But If I'm cracking these then I know that
1) I can skip all passwords under 8 and over 12 characters
2) I know that all passwords will have a number so I don't need to try any passwords that don't have them
3) same for capitals and special characters
This comment was aimed at thunderbolt my bad.
There are more combinations of passwords with 8 letters than there are from 1-7 combined. Forcing at least 1 number also increases combinations from 26^8 to 36^8.
A lot of people think "I'm going to go onto some website and test how strong my password is"... Those people are having their password stored away in a database to be added to someone's password dictionary.
Either that, or some other third party injected Javascript into the page.
You can use Fiddler, Wireshark, or your browser's network inspector to see if any web requests are being sent out.
Which is why I don't use those websites for obvious reasons.
there's a password in my head that I never use lol
Yes.
"If it's stored in plaintext, then all bets are off"
I have all my passwords encrypted with Caesar's cypher! Beat that!
Now that's clever!
Pah! I store my passwords using an enigma machine, weak!
@@arrowb.8438 dasoberkommandoderwehrmacht...
Arrow B. Enigma is broken. I use SIGABA
Laughs in quantum computing.
Dude this is a really great explanation, I have to really thank you for this
This guy is my fav Computerphile guy
This is why Peter wasn't allowed around computers.
Anybody else come back to this video, not to learn anything, but because this guy's voice is just so soothing?
This video needs to be updated, to be shown at current levels of computer technology with the most modern CPUs & GPUs widely available to everyone.
"Forgot my password"
"You're receiving this e-mail because you've clicked on 'forgot my password' on our website. Here it is in plain text for anyone to see. Your password is: JustCheckingIfThisWebsiteStoresPasswordsProperly"
That's pretty clever right there. Now I have to try doing that. Thanks
5:18 "MD-5 should not be used by anyone ever, EVER again."
Meanwhile, in the Yahoo's headquarter...
Amusing.
I'm dying 😁
Could you help me understand? Was he just checking to see if he could guess the LinkedIn pass words that were stolen? Im trying to understand how this would work for an actual site, because after you try the wrong password several times, you get booted, or blocked, and the user gets notified. How would this actually work? Are they taking these passwords and entering them against a live site? If that is the case wouldnt the hacker get blocked after a few seconds? Plus with 2FA, is this even relevant?
Ronin Ryu are you serious? 😂😂😂
Nils Svanstedt yes I’m serious asshole
I watched this video when it came out years ago. Recently, my dad passed away and we couldn’t remember his iCloud password to access the photos on his phone and other stuff like that. But I remembered this video, and I went and found password cracking tools for iCloud and was able to use educates guesses and the tools to find the correct password. So thank you for making this video ❤️
Scary… never thought about the hashes being stolen and put into a single file for this type of repetitive attack… defeats the thought of locking an account after a few failed attempts. Learned something again from this channel…. Thank you!
I could also never understand how passwords were brute force hacked when most services lock you out after 3 attempts. It never occurred to me that most of these databases are hacked off-line! This was a great video.
Why does the british lecturer always look like a Counter-Stirik Hostage.
I recover my instagram account back through *hackerlouis05* on instagram he’s legit and reliable 🏻 🏻 🏻
Contact @hackerlouis05 on Instagram for your hacking services he’s legit and reliable
@@jessicahsmith4815 thanks, Jessica Smith, Very cool.
Omega lul
15:35 "Now luckily, these leaks happen all the time" Interesting... choice of words ;)
He's telling how to crack passwords, what do you expect?
Also that smirk on his face when he said dive
That might be his hacker name
Cause its getting more exposure...
I am wondering how many of the viewers just saw their password in the video ^^
Totally got mine. 14:46 ILOVEYOUKATE
+Mike S I used to have that one only without "you" in it.
Everyone loves Kate, that's the problem
18:51 ashishiscool is my friend's password and his name is ashish.
+Филип Брчић genius XDDDDD
i love the vibe this guy has about this stuff
I recover my instagram account back through *hackerlouis05* on instagram he’s legit and reliable 🏻 🏻 🏻
Contact @hackerlouis05 on Instagram for your hacking services he’s legit and reliable
@@jessicahsmith4815 imagine actually making a fake account to self promote to the people who doesn't care :D...(especially to those who can "recover instagram account" themselves ; ))
20:03 that subtle "End the video now pls" motion
you forgot to link in the description
Thanks, now sorted >Sean
+Computerphile what is the disadvantage of designing your own hash for your own service? Wouldnt not knowing the hash procedure effectively eliminate the ability to crack passwords by using this method? Thanks.
+Osama Rana
also, often enough if they can get to your database, you should assume your code also isn't safe
Thank you everyone for the insightful comments.
Ps, I like the phrase "security through obscurity". That was exactly what I was thinking
'I like the phrase "security through obscurity".'
You got that this is a bad thing, right? Like, really bad? Just checking.
The moment when Mike reads your password loud and shows it to 2 mil other people just on second random pause... If I could only be as lucky in some other lottery. :(
Pure pleasure by listening to this guy! Thank you
This is the exact video which convinced me to use much better passwords that are immune to just about every attack
You probably DONT want to test your passwords strength on online services that claim to only tell you how good your password is. While most of those services are probably safe to use, you can never know what service is also making it's own little (or huge?) dictionaries with just the awesome and secure passwords you give them to "test" for you.
solution: disconnect from the internet before you type your password and close the tab before reconnecting
Theoretically still insecure
Ein Frosch~ howsecureismypassword.net is save. Its fully written in Javascript and you can look for the code yourself
Best passwords are sentences like "cow curry diagram!2n;"
What you have to realize. Is that the longer and more complicated your password is. The harder it is for a computer to compromise. Given enough time, energy, and technology. All passwords are easy. Each time an encryption standard is compromised. You migrate to something else. It is a never ending race.
14:48 "ganjagoblin" lmao
marcuslola Thats my password
420 blaze it.
hahahahahahahaha
I am now changing my password to "ganjagoblin"... consequences be damned!
bro I caught that too - had to left arrow to confirm lol
"I've been running it about ...
18:15 checks wrist ... "10 seconds now"
not wearing a watch and looked completely serious
XD XD XD
XD XD XD almost as if it could potentially just be habit and he clearly realized instantly he didn't have a wrist watch on at the moment XD XD XD
@@gtc4189 XD XD XD
Plot twist: he didnt havr a wirst at all
Wurst.
I recover my instagram account back through *hackerlouis05* on instagram he’s legit and reliable 🏻 🏻 🏻
Contact @hackerlouis05 on Instagram for your hacking services he’s legit and reliable
i just love ur explanations
I just love this! not only because there's no chance my password will be found, but because even the most hardcore IT dudes in my area (including 2 schools I worked at) use horrible passwords, to secure thousands of pupils' social security numbers etc. At my first job, I demanded that the passwords got changed, or I would not work there as i'd be targetted for irresponsible care, in case we got hacked. Sadly they refused to change and I quit my job.
Smart move.
Amazing how far computer processing has come in the past 20 years. I remember messing about with brute force hashing on an i486, and it took forever.
Since about 2015 i've had 12 character passwords with numbers, uppercase, lowercase and symbols. So glad I did that
This just autoplayed for me, and I recall watching back then. Incredibly the specs on those graphics cards are somewhat pedestrian now, compared to something like a newer specialized Nvidia card; I can't imagine how much easier this has become.
14:47 "ganjagoblin" XD
apparently a common password
14:45 iloveyoukate
Me too. Me too....
i smiled at linkgundam, amusingly enough.
Gaijin
lol, ganja
Can you believe that the bank I use has a MAXIMUM of 6 character length on the passwords used for online banking!? I have complained to them before. But to no avail. And this is not a small bank!
You should change banks then, they are just begging to have their database leaked.
Yep, You'd need to compute 2.8147498*10^14 hashes assuming that the passwords use extended ascii characters and also assuming that you know the hashing algorithm used. (Which can be achieved in a few seconds)
+moute3 Yes but the banks have other forms of authentication, including inputting specific characters of a secret answer and generating codes using your phone or hardware key.
Locut0s That doesn't make sense. That would be a reason for _not mandating_ long passwords. It can't be a reason for _forbidding_ long passwords. The only explanation for the latter is idiocy.
Locut0s I have to agree with Correctrix that if what you said is the case, then I can see why they accept weak passwords. But it does not explain why they would prevent experienced users from setting a strong password by having a maximum of 8 characters.
My password one was cracked with out any software,
Me: let's make it harder
Him: is it password two
Me: how did you do that
almost 4 years later, still in the recommended feed
and still an important lesson too! password strength is neglected by lots of people
No mention of password salting?
Are you talking about permutating your actual passwords, or salting the hashes before storing them in a database?
That's in the Tom Scott video about storing passwords.
they weren't talking about securing servers they were talking about how to crack the passwords. adding salt doesnt protect at all against the attack he used, it just makes him repeat the attack for the group of paswords with a particular salt. That would be a great followup though.
Or peppering.
koori049 "it just makes him repeat the attack for the group of paswords with a particular salt"
Well, yes, if you know the salting method you could have a guess, but the most basic of static salts can make the most awful password extremely hard to brute-force, at least as long as the salt it unknown.
Did computerphile stop asking tom scott to do videos for some reason?
he does have his own channel and probably takes up a lot of his time! check him out its pretty cool stuff.
I believe he said he'd not do too many more as he didn't know as much as some people on subjects.
Chris Gough
ty
Ikr! I love his videos on Computerphile!
I actually stopped watching Computerphile so much and started watching his channel...
Superb it really works it is the first video which is really helping
instantly checks what my encryption service on the back end is using O.O.
I like all Computerphile (and Numberphile) videos, but just wanted to say how great this particular one is. More please from Dr Mike Pound. (And prof Brailsford of course!)
"We don't save password unencrypted." Facebook left the chat 😂🤣
Hence why you change your password at least once a year.
Lol
You would be surprised how long some passwords can be if the service allows it.
Talk-Power removed
They encrypts the passwd ( I guess)
Wow, very informative!!!!!!! dont know how im not subbed to this channel yet
I need this professor!❤️
I love these videos. This guy is such a great teacher. Thank you!
An update for those of you who are watching this now - I don't know if this wasn't the case back then, but nowadays you use a hash algorithm that is slow by design, like Bcrypt, so that attackers are limited by the speed of the algorithm rather than exclusively by the grade of their hardware.
Very Insightful.
150gb password file + hashcat using your video card GPU = any password in minutes. I use the process in the last step to getting all my neighbors wifi passwords, though the possibilities are unlimited. I can do it from anywhere with a $13 wifi card on Amazon.. I felt so gangster when it worked so well right away. Oh wow, I was typing this up before you really got into it. hahah you just explained some hashcat! Nice. To compare, the same process took 3-10 days in 1998. Now it's about 3-10 min for a great password. I was a wireless network engineer.
14:47 Shoutout to ganjagoblin
Ganja means Bald in Hindi so it reads as baldgoblin
@@dishant8126 yea i bet thats what he had in mind
There is nothing like impossible to hack in this digital world. For any hack related issue Contact @cybersquad047 on Instaqram, Cybersquad047@gmail.comthanks to them I found out the truth about my spouse
@@dishant8126 I knew that... That was what I was thinking
Imagine being at university and using password "tictac98".
ok
I used BigPeen6969 as my password
CanIEatYourCat?
Was one my younger self used for everything. No login ever gave me an answer
most people, even supposed smart people, see the whole concept of setting a password as a nuisance rather than a necessity to prevent misuse of their account.
Really good video dude
"Let's show you an example dictionary."
cd: No such file or directory
(11:55)
Obviously 123456 is the best password out there. And in case that doesn't work anymore. You just change it to 654321. *Genius!*
brilliant
No, 12345
@@Zooiest No, 1
BuckieTheCat Your password has to be 5-32 characters long.
Thanks what's your email? Lol
"Change your hashes to something like SHA512 really quickly"
Rather recommend bcrypt or something of the like.
You need many, many more upvotes.
Or just use Secure Remote Password and not have to worry about your database getting leaked?
Cíat Ó Gáibhtheacháin I feel like I'm missing something obvious, but why do you need to store users' passwords?
rsa 4096
***** You don't store the passwords: you store something for checking if a password is valid.
you deserve way more subs
Fantastic videos ❤️
Really love this presentation style. More in-depth stuff please especially with exploits!
This is actually scary, I have a LinkedIn account and I use the same password fo many other sites.
I will change all my passwords after writing this comment, and you should do too.
Just don't change all your passwords to a single new one hah.
Use a password manager. It can change them all for you automatically, and all to different passwords, and all to extremely secure passwords.
Friends. Use KeePass, it's free, open source and multiplatform. Change all your passwords. Use unique password per site. Let me know if you have any questions.
The only password I know is the one that unlocks my Keepass database.
I have KeePass on my computer and KeePass2Android on my phone. Install Dropbox to both pc and phone. Save your database or database copy there so it can be access in your pc and mobile.
Great work
Hey, just watched your video. Thumbs up ! Do you do password recovery?
I like these kind of practical videos better than the theoretical ones.
That awkward moment when your own password shows up on screen.
Did you used mycubana too?
Gee I wonder if MR. Putin knows him ; SIR???
12345?
Amazing video!
Awesome video!
CEO :some of our employees might want to play doom on the server.
Engineer: *installs 4 Titan Xs*
7:54 Top row: "xiaojiji"
At first I was going to say, *wow, they've got it all in this system* , but then realized that that was probably one of the first things that got put in the database.
Hello sir, thank you for your videos, they are really informative and helpfully. can anyone share the link to playlist where i can access all of Dr. Mike's videos on security staffs, i will be gratefull
16:30 As it displays passwords from the rockyou database, I'm seeing a password that starts with "qwerty" quite a lot. In fact, at one point at 16:34, there was a run of 3 of them within 5 results.