Ashley Madison is a popular dating website that has been frequently accused of enticing married individuals to cheat on their partners and find partners on the website for dating. On 19th August 2015, “The Impact Team” a hacking group penetrated the website and extracted information about the users of the website of Ashley Madison.
They posted details of who the users are on online forums. Apart from this information they also posted login ids and passwords of 11.7million Ashley Madison users. The list of the users leaked online included regular people with some of them in very high position.
These people were negatively affected by the leak and now have their reputation tarnished. Among the passwords posted on the online forums, there are some very common and easy to guess passwords. These passwords were cracked using MD5 algorithm. It also shows that among 11.7 million users, just 4.86 million had used unique passwords. Others used very simple passwords that
can be cracked easily by using various brute force methods.
These passwords include:
These passwords are some very common passwords and therefore it is very easy to crack them by using the trial and error methods used by brute force techniques.
It shows that these users took their security lightly and were not bothered to use more secure passwords.
The incident brings to light two important points – the safety of the passwords used by people commonly and how safe are websites like Ashley Madison?
The first point about the safety of the passwords shows that people are not bothered and do not think that they can be affected. It is the reason why websites make it mandatory to use alpha-numeric and character combinations for the passwords which was clearly missing in the case of Ashley Madison.
The second point shows the vulnerability of sites like these and hence people must avoid using them.