In 2014, developer Leah Neukirchen found a file
/ etc / passwd among a dump of files from the BSD 3 source tree that included passwords used by several computer pioneers, including Dennis Ritchie, Ken Thompson, Brian Kernighan, Steve Bourne and Bill Joy.
As he explained in a blog post on Wednesday, he decided at that time to try to decrypt the password hashes, created using the crypt based on DES (3), using various decryption tools such as John the Ripper and hashcat.
When the subject appeared on the Unix inheritance society mailing list last week, Neukirchen responded with 20 cracked passwords from the file that she had broken five years ago. However, five hash passwords remained elusive, including Thompson's.
"Even a thorough search of all lowercase letters and digits took several days (in 2014) and did not yield any results," wrote Neukirchen, who wondered if Thompson could have used uppercase or special characters.
Samizdat no more: the old Unix source code opened for study
The participants of the mailing list, intrigued by the challenge, set to work in the holdouts. The breakthrough came on Wednesday, from Nigel Williams, an HPC system administrator based in Hobart, Tasmania.
"Ken is done," he wrote in an email to the mailing list. The cracking effort took more than four days on an AMD Radeon RX Vega 64 running hashcat at a speed of approximately 930MH / s.
ZghOT0eRm4U9s is a hash of p / q2-q4!
It is a common chess opening in descriptive notation. As Neukirchen observed, Thompson contributed to the development of computer chess.
Thompson, who helped create the Unix and the Go programming language among many other achievements, recognized the feat by offering his congratulations. He did not immediately respond to a request for comment.
According to the NIST password guidelines, the secrets selected by the user must be at least eight characters in length, which means using the full range of uppercase, lowercase and special characters. Microsoft also suggests a minimum of eight characters. But since Thompson's eight-character password hash cracked in a few days, something else could give him more peace of mind. ®
How to get more from MicroStrategy by optimizing your data stack