There’s really no such thing as security, given wherever a wall is built there’s someone trying, for ill or for fun, to climb right over it.
Now a team of security researchers has managed to create an algorithm that quickly cracks the ‘brain wallet’, which was supposed to be a solution for Bitcoin owners to access their stash using a password in place of a random private key number.
“This event was off the charts”
Gary Vaynerchuk was so impressed with TNW Conference 2016 he paused mid-talk to applaud us.
Given that Bitcoin users have gone to the trouble of getting on board with this less-traceable currency, you might have thought the passwords would be, well, good. Think again.
Here’s some of the passwords the team managed to retrieve from their exploits:
1. say hello to my little friend
2. to be or not to be
3. Walk Into This Room
4. party like it’s 1999
11. andreas antonopoulos
12. Arnold Schwarzenegger
14. for the longest time
15. captain spaulding
Sure, these guys were making a special effort to retrieve passwords, of which they say they managed to crack 18,000 but… Number 11 is actually the name of one of the most famous people in the Bitcoin community.
If you want to drill into the detail around how the cryptology behind Bitcoin works, you can find the paper here.
There is already a bit of a consensus that humans are no good at creating passwords and the team concluded “our research demonstrates again that brain wallets are not secure and no one should use them.”
Given the brains in question are human brains, they’re probably right. Although, perhaps just ask this little girl for one instead?
➤ Speed Optimizations in Bitcoin Key Recovery Attacks [International Association for Cryptologic Research via The Register]