
An interesting security cracker

VileReynard
Hero
Posts: 12,616
Thanks: 582
Fixes: 20
Registered: 01-09-2007

A few excerpts from http://www.guardian.co.uk/technology/2007/dec/06/onlinepasswordssecurity
Quote
Google's password cracker
Last month, the security group at the University of Cambridge's Computer Lab had its group blog, Light Blue Touchpaper (lightbluetouchpaper.org), hacked via a previously unknown vulnerability in the popular blogging software Wordpress. While cleaning up, researcher Steven Murdoch discovered a new problem: Google makes a fine password cracker.
Basic security principles prohibit storing a list of valid usernames and passwords in clear text. Instead, they are stored in an encrypted ("hashed") form, so the list is unreadable to anyone who does gain access. To check a password, you encrypt it and compare the result against what is stored. Your password never resurfaces in the clear.
Wordpress encrypts passwords using a popular algorithm called MD5, a one-way function that had turned the hacker's password into "20f1aeb7819d7858684c898d1e98c1bb". Murdoch tried cracking it, then tried a Google search on the string. It spat back a few pages showing that the original word - the hacker's password - was "Anthony".

Quote
you can try your favourite password at pajhome.org.uk/crypt/md5/ and then search Google for the result.

I generally use the same password for sites where it doesn't matter if someone cracks it.
Following the above instructions, I used Google (successfully) to find my password if I give it the one-way MD5 hash.

"In The Beginning Was The Word, And The Word Was Aardvark."
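
The lookup described in the quoted article works because unsalted MD5 maps the same password to the same digest on every site, so any published digest-to-word pair serves as an index. The following is an added example, not part of the original post or the article: it contrasts that behaviour with a per-user salted, iterated hash. The word list, function names and the choice of PBKDF2-HMAC-SHA256 with 600,000 iterations are assumptions made for illustration.

```python
import hashlib
import hmac
import os


def md5_hex(password: str) -> str:
    """Unsalted MD5, the storage scheme the article describes."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def build_lookup(words):
    """Precomputed digest -> word table. A search index that has crawled
    pages listing words beside their MD5 digests behaves the same way."""
    return {md5_hex(w): w for w in words}


def hash_salted(password: str, salt: bytes = None, iterations: int = 600_000):
    """Per-user random salt plus an iterated KDF (assumed replacement scheme)."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, iterations, dk


def verify_salted(password: str, record) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt, iterations, dk = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, dk)


def demo():
    words = ["letmein", "aardvark-example", "correct horse"]  # constructed sample list
    table = build_lookup(words)
    stored_site_a = md5_hex("letmein")   # same user, same password, two sites
    stored_site_b = md5_hex("letmein")
    rec_a = hash_salted("letmein")
    rec_b = hash_salted("letmein")
    return {
        "md5_same_across_sites": stored_site_a == stored_site_b,
        "md5_recovered": table.get(stored_site_a),
        "salted_same_across_sites": rec_a[2] == rec_b[2],
        "salted_verifies": verify_salted("letmein", rec_a),
        "salted_rejects_wrong": not verify_salted("letmein2", rec_a),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

With a random salt the stored value differs for every account, so a digest leaked from one site matches nothing already indexed elsewhere, while login verification still succeeds.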

1 REPLY 1
Assos
Grafter
Posts: 5,880
Thanks: 1
Registered: 05-04-2007

Re: An interesting security cracker

Well, neither my main password nor my PN a/c one shows up on Google...