When life gave him 153 million leaked Adobe accounts, complete with emails, encrypted passwords and password hints, engineer Ben Falconer made a crossword puzzle. A pathetically easy crossword puzzle.
As the nice folks at Rock, Paper, Shotgun point out, the first thing you should do before playing Adobe Crossword is to check to see if your account was one of the ones compromised (it probably was) and reset your password. Seeing your own “secure” combination displayed in crossword form is sure to take away from the enjoyment of the game.
Once that’s taken care of, see how long it takes you to guess the hints in the XKCD comic-inspired game.
Falconer used only the 1000 most popular passwords for Adobe Crossword, and the answers to the puzzles past 1-100 are only guesses, but they are damn good guesses. Not that anyone was really trying. Some of these password hints are just bonkers. Here’s six across from the first puzzle, a six-letter word.
food; mouse; dairy; cheddar; yellow; fromage; swiss; yum; favourite food; queso; yummy; Food; smelly; usual; mice; cheesey; mouse food; chedder; gouda; milk; dairy product; crackers; ch; pizza; nickname; cheese1; fav food; dog; c; yellow food; edam; cheesy; poop; fave food; eseehc; brie; smells; same; normal; ham; smile; moo; mmmm; mmm; lol; cow; che; american; wisconsin; tasty
If you find your password in the puzzles, then it’s a sure sign that you need a better password. If you find your password in the first puzzle, you’re probably someone else who’s stolen that person’s identity.
Comments
8 responses to “Your Adobe Passwords Make For An Incredibly Easy Crossword Puzzle”
Ah flip, mine was compromised. What’s more surprising is that 4,000 other people use the same password as I do, and I always thought my password was fairly unique.
Good old hunter2
I’ll hunter2 your hunter2-ing hunter2.
I have ten passwords I use for things all of them are 8 random numbers and letters with a few capital letters I like to throw in every now and again. Then I like to rotate the passwords every year or so for the things I use alot. For me its easier than remembering words as passwords….but then Im a little odd.
I love how these password leaks always turn into scare mongering. All the password from Adobe are encrypted. So if you are using a ridiculously unique password like; $e22W*r44pf$ you will be fine, and you don’t need to change your password. If your using “password” as your password. I think you deserve to get hacked.
The problem was the encryption they used was not only two way, but the length of the encrypted password is related to the non-encrypted password. Also, the password database also provided hints, meaning that if someone figures out the encryption key, testing it would be extremely easy. This would also mean that people who reuse passwords that aren’t things like “password1” would have their accounts on other sites in jeopardy.
The people who are the most affected by these leaks are people who reuse their passwords for important things, or in the case of the people who used passwords related to adobe, provides a clue into what sort of passwords to try on other sites.
If anything, the scaremongering is good. People need to stop choosing passwords that make us look at them and say “you chose that, you deserve to be hacked”. People need to wise up.
No, you’re not the only person with a pet named “Shadow”. Just because the characters on your keyboard look randomly arranged doesn’t mean they are – nearly everyone has the same character layout. No, you’re not being clever by using reverse psychology and choosing a password no-one would think to use because it’s too obvious. And using your password as the hint for your password is just plain moronic… even if you type it backwards.
But, yeah, if your password is sufficiently complex, you shouldn’t have much to worry about. I’d still change the password, tho, just in case. 3DES is decryptable, and it looks like the same key may have been used for all these passwords, so if they break the key, every password would be vulnerable, no matter how complex it is. And this is why we use salted hashes, nowadays.
I don’t care about my adobe password. I think I made an account once to request a patch or something basic that they wouldn’t let me access otherwise.
That is one if the reasons I get my software and patches from the pirate bay.