How a security ninja cracked the password guarding his most valued assets

Jeremiah Grossman is widely considered to be one of the world's most talented ethical hackers, but even his ninja-like prowess wasn't enough to recover a forgotten password used to encrypt sensitive work documents contained on his MacBook Pro.

After fiddling with a freely available password cracking program, the CTO of Whitehat Security soon realized that its plodding speed—about one password guess per second—meant it would likely take him decades of tries before he arrived at the right one. That's when he called in the big guns, namely Solar Designer and other principals behind the free John the Ripper (JtR) password cracker as well as Jeremi Gosney, a password security expert at Stricture Consulting Group. (Ars has chronicled Gosney's cracking prowess in articles here and here.)

"Collectively, these guys are amongst the world's foremost experts in password cracking," Grossman wrote in a blog post describing the odyssey unlocking the crucial files. "If they can't help, no one can. No joking around, they immediately dove right in."

Read 4 remaining paragraphs | Comments