In 2014, developer Leah Neukirchen spotted an interesting “/etc/passwd” file in a publicly available source tree of historian BSD version 3, which includes hashed passwords belonging to more than two dozens Unix luminaries who worked on UNIX development, including Dennis Ritchie, Stephen R. Bourne, Ken Thompson, Eric Schmidt, Stuart Feldman, and Brian W. Kernighan.
Since all passwords in that list are protected using now-depreciated DES-based crypt(3) algorithm and limited to at most 8 characters, Neukirchen decided to brute-force them for fun and successfully cracked passwords (listed below) for almost everyone using password cracking tools like John the Ripper and hashcat.
She was successful in cracking passwords of most of the personalities on the list except five passwords. Out of the uncracked passwords, Neukirchen was most curious about Ken Thompson’s password.
Neukirchen tried combinations of all lower-case letters and digits spending a lot of days but failed to get the password. The topic was raised on The Unix Heritage Society mailing list this month when Neukirchen reminded everyone how frustrated she is about Thompson’s uncracked password.
Posting in the society’s mailing list thread, she wrote: ” never managed to crack ken’s password with the hash ZghOT0eRm4U9s, and I think I enumerated the whole 8 letter lowercase + special symbols key space.”
Thompson’s password has been revealed as “p/q2-q4!a” — a notation in chess to describe the move “pawn from Queen’s 2 to Queen’s 4.”
Just a day after Willians revealed Thompson’s password, another mailing list member, Arthur Krewat, successfully cracked and provided the passwords for four more remaining uncracked hashes.
Here’s a list of cracked passwords belonging to other computer science pioneers:
|Runs a program, not a login shell||network||9EZLtSYjeEABE||network|
|Brian W. Kernighan||jkf||9ULn5cWTc0b9E||sherril.|
|Peter J. Weinberger||pjw||N33.MCNcTh5Qw||uucpuucp|
Until now, all members in the list that Neukirchen found have had their passwords cracked except Bill Joy, whose username is bill and hashed password is “.2xvLVqGHJm8M”