[Desustorm]

Would be really interested to know how they cracked these passwords...

[spuz]

Computerphile did a great video on how to crack passwords here: https://www.youtube.com/watch?v=7U-RbOKanYs

[creshal]

Brute forced them?

[manmal]

I really doubt that they brute-forced alapdanceissomuchbetterwhenthestripperiscrying. I have no exact idea, but I guess i would take 1000s or millions of years to bruteforce 1,22680068e65 combinations (taking only lowercase letters into account), if you don't have a working quantum computer available.

UPDATE: I did some rudimentary math and think that top notch server farms would take something like 1e35 to 1e42 years to bruteforce 26^47 combinations.

[phpnode]

It's not a random sequence of characters, there are only 12 words in there. The cracker is trying words, not just random bytes and so the search space is much smaller

[creshal]

It's not trying random words, it's not even trying random syntactically valid English sentences, it's trying out song titles.

Which is a laughably tiny password space.

[manmal]

Yes, it's not brute-forcing then. That's what I was getting at.

[deerleader]

'97 quattuordecillion years' according to howsecureismypassword.net/, if the password wasn't thebloodhoundgang song title

[aianus]

It's probably a phrase from a book or movie. There are much fewer published 12-grams than 26^47.

[ProfDreamer]

It's actually a song title.

[maxerickson]

Which is really easy information to track down.

https://www.google.com/search?q=alapdanceissomuchbetterwhent...