Admittedly RockYou were already well known to be technically incompetent, and fell to a simple SQL injection apparently.
But what is interesting is the stats on use password choices. Simply put, if a user can they will. http://www.imperva.com/docs/WP_Consumer_Password_Worst_Practices.pdf Enjoy PS It got worse, they were also storing third party passes: http://www.techcrunch.com/2009/12/14/rockyou-hack-security-myspace-facebook- passwords/ K -- NZ PHP Users Group: http://groups.google.com/group/nzphpug To post, send email to [email protected] To unsubscribe, send email to [email protected]
