Showing results for 
Search instead for 
Did you mean: 

An interesting security cracker

All Star
Posts: 11,202
Thanks: 307
Fixes: 11
Registered: ‎01-09-2007

An interesting security cracker

A few excerpts from
Google's password cracker
Last month, the security group at the University of Cambridge's Computer Lab had its group blog, Light Blue Touchpaper (, hacked via a previously unknown vulnerability in the popular blogging software Wordpress. While cleaning up, researcher Steven Murdoch discovered a new problem: Google makes a fine password cracker.
Basic security principles prohibit storing a list of valid usernames and passwords in clear text. Instead, they are stored in a encrypted ("hashed") form, so the list is unreadable to anyone who does gain access. To check a password, you encrypt it and compare the result against what is stored. Your password never resurfaces in the clear.
Wordpress encrypts passwords using a popular algorithm called MD5, a one-way function that had turned the hacker's password into "20f1aeb7819d7858684c898d1e98c1bb". Murdoch tried cracking it, then tried a Google search on the string. It spat back a few pages showing that the original word - the hacker's password - was "Anthony".

you can try your favourite password at and then search Google for the result.

I generally use the same password for sites where it doesn't matter if someone cracks it.
Following the above instructions, I used google (successfully) to find my password if I give it the one-way MD5 hash.

Community Veteran
Posts: 5,880
Thanks: 1
Registered: ‎05-04-2007

Re: An interesting security cracker

Well, my main password nor my PN a/c one show up on google...