'As one of the original versions of Unix, BSD is an ancient operating system. So it shouldn’t come as a surprise that it used what are, by today’s standards, strange, even ridiculous security. For one, the hashing function protecting passwords, though state of the art 40 years ago, is now trivial to crack. Stranger still, the password hashes of some BSD creators were included in publicly available source code. And then, there are the passwords people chose. Last week, technologist Leah Neukirchen reported finding a source tree for BSD version 3, circa 1980, and successfully cracking passwords of many of computing’s early pioneers. In most of the cases the success was the result of the users choosing easy-to-guess passwords. BSD co-inventor Dennis Ritchie, for instance, used “dmac” (his middle name was MacAlistair); Stephen R. Bourne, creator of the Bourne shell command line interpreter, chose “bourne”; Eric Schmidt, an early developer of Unix software and now the executive chairman of Google parent company Alphabet, relied on “wendy!!!” (the name of his wife); and Stuart Feldman, author of Unix automation tool make and the first Fortran compiler, used “axolotl” (the name of a Mexican salamander). Weakest of all was the password for Unix contributor Brian W. Kernighan: “/.,/.,”—representing a three-character string repeated twice using adjacent keys on a QWERTY keyboard. (None of the passwords included the quotation marks.) But there were at least five plaintext passwords that remained out of reach. They included those belonging to Turkish computer scientist Özalp Babaoğlu, Unix software developer Howard Katseff, and crucial Unix contributors Tom London and Bob Fabry. But the uncracked hash that seemed to occupy Neukirchen the longest was the password used by Ken Thompson, another Unix co-inventor. “I never managed to crack ken's password with the hash ZghOT0eRm4U9s, and I think I enumerated the whole 8 letter lowercase + special symbols key space,” Neukirchen reported in the above-linked thread, posted to the Unix Heritage Society mailing list. “Any help is welcome.' -- source: https://arstechnica.com/information-technology/2019/10/forum-cracks-the-vint... Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/