Hands-On Lab: How Attackers Crack Passwords in 0.0006 Seconds
You will crack real passwords, understand the exact mistake that exposed 117 million LinkedIn accounts, and leave with hands-on experience you can use in interviews, exams, and real security reviews.
In 2012, LinkedIn was breached.
Millions of accounts. All passwords were hashed with SHA-1. No salt. The database was dumped and circulated online, and within days the majority of passwords had been cracked.
And all the attacker needed was a wordlist and a loop.
But this couldn’t possibly have happened today, right?
Well, I hate to break it to you, but the same mistakes are still being made today. That’s why you need to understand what exactly happened in 2012 and how to prevent it from happening on your systems.
And what better way of learning than actually performing the attack?
Note: This article assumes you understand what hashing is and why it matters. If you are not there yet, read these first:
What actually happened in 2012
Most modern systems don’t store passwords in plaintext, but in hashes.
That’s why when the attacker steals the password database, all they can see are hashes.
Once they have the hashes, the goal is quite simple.
To reverse them and figure out what password produced each hash.
But how?
Well, the first option is brute force. Try all possible combinations and sooner or later, you’ll hit the jackpot.
But it can take years.
So they need something more efficient - a dictionary attack.
Take a list of common passwords. Hash each one. Compare the result against the stolen hashes. If there’s a match, the password is cracked.
No magic. Just a list of words and a simple loop.
It works because most people choose predictable passwords.
“password”, “123456”, “password123”.
Variations with numbers at the end. Seasons plus years. The attacker’s wordlist reflects exactly how real humans think.
That’s exactly what happened in 2012. LinkedIn’s database was dumped. The attackers ran a wordlist against 117 million SHA-1 hashes. And because there was no salt and the algorithm was fast, the majority cracked in days.
And with SHA-1? A modern CPU can compute hundreds of millions of SHA-1 hashes per second. A poorly hashed password is cracked before you finish reading this sentence.
What is salting
If you’ve been paying attention, you noticed this sentence: “because there was no salt.”
What does that even mean? Are we worried about our passwords not being tasty enough? Or what?
Well... let’s take a look at it.
A salt is a random string added to a password before it gets hashed.
Without salting, every user who chooses “password” gets the same hash (assuming the same hashing algorithm):
password → 5f4dcc3b5aa765d61d8327deb882cf99
Always. Every time. On every system in the world.
With salting, a unique random string is generated per user and combined with the password before hashing:
password + x7k2mR9q → completely different hash
password + 4mNpQ2rs → completely different hash again
Two users with the same password now have completely different hashes in the database. An attacker who steals the database cannot use precomputed tables. They have to attack each hash individually. That changes the economics of the attack entirely.
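Here is the “wordlist and a loop” from the dictionary-attack section and the salting point above, in one runnable example. This is added illustration code, not the article’s lab script; the wordlist, the user names and the “stolen” hashes are all constructed inline. It shows why one precomputed table cracks every unsalted MD5 hash at once, why the same table finds nothing against salted hashes, and how a per-user salt forces the attacker to redo the whole wordlist for every user.

```python
import hashlib
import secrets

# Constructed wordlist of common passwords. A real list has millions of
# entries; this one only needs to contain the weak passwords below.
WORDLIST = ["123456", "password", "qwerty", "letmein", "password123",
            "summer2012", "iloveyou", "admin"]


def md5_hex(text: str) -> str:
    """Unsalted MD5, the 2012-era storage mistake discussed above."""
    return hashlib.md5(text.encode()).hexdigest()


# Constructed "stolen database": three weak passwords and one strong one.
# No salt, so alice and carol end up with the identical hash.
STOLEN_UNSALTED = {
    "alice": md5_hex("password"),
    "bob":   md5_hex("summer2012"),
    "carol": md5_hex("password"),
    "dave":  md5_hex("T7#kq!vL92zP"),   # constructed strong password, not in WORDLIST
}


def dictionary_attack(stolen: dict[str, str], wordlist: list[str]) -> dict[str, str]:
    """Hash each candidate once, then look every stolen hash up in that table.
    Without salt, one table of len(wordlist) hashes serves every user."""
    table = {md5_hex(word): word for word in wordlist}
    return {user: table[h] for user, h in stolen.items() if h in table}


def hash_salted(password: str, salt: str) -> str:
    """Per-user random salt prepended to the password before hashing."""
    return md5_hex(salt + password)


def salted_store(passwords: dict[str, str]) -> dict[str, tuple[str, str]]:
    """Build a store where each user gets a fresh random salt, kept beside the hash."""
    store = {}
    for user, pw in passwords.items():
        salt = secrets.token_hex(16)
        store[user] = (salt, hash_salted(pw, salt))
    return store


def precomputed_table_attack(store: dict[str, tuple[str, str]], wordlist: list[str]) -> dict[str, str]:
    """The same precomputed table applied to salted hashes. It finds nothing,
    because the table was built without each user's salt."""
    table = {md5_hex(word): word for word in wordlist}
    return {user: table[h] for user, (_salt, h) in store.items() if h in table}


def per_user_attack(store: dict[str, tuple[str, str]], wordlist: list[str]) -> dict[str, str]:
    """What salting forces instead: re-hash the whole wordlist once per user.
    Weak passwords still fall, but the work is len(users) * len(wordlist)
    instead of len(wordlist), and no table can be reused across breaches."""
    cracked = {}
    for user, (salt, h) in store.items():
        for word in wordlist:
            if hash_salted(word, salt) == h:
                cracked[user] = word
                break
    return cracked


if __name__ == "__main__":
    print("unsalted, one table:", dictionary_attack(STOLEN_UNSALTED, WORDLIST))
    store = salted_store({"alice": "password", "carol": "password", "dave": "T7#kq!vL92zP"})
    print("alice and carol share a hash?", store["alice"][1] == store["carol"][1])
    print("salted, same table:", precomputed_table_attack(store, WORDLIST))
    print("salted, per-user loop:", per_user_attack(store, WORDLIST))
```

Note that salting alone does not rescue a weak password: `per_user_attack` still recovers “password” for both users. What it removes is the shared table, so the attacker pays the full wordlist cost for every single account, and that cost is what the next section’s slow hash multiplies.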
And let’s face it, it’s all about the money.
Why MD5 and SHA-1 are dangerous for passwords
Note: If you have no idea what MD5 or SHA-1 means, make sure to read the articles linked above! You won’t regret it!
Both algorithms were designed for speed. Fast hashing is excellent for verifying file integrity or generating checksums. It is catastrophic for password storage.
A modern CPU can compute hundreds of millions of MD5 hashes per second.
A GPU pushes that into billions.
A weak password is cracked before you finish reading this sentence.
Neither algorithm was designed with password storage in mind. Using them for that purpose is a fundamental design mistake, not a configuration issue.
Make sure to remember that for both the real-world scenarios and certification exams!
What do we use instead?
bcrypt was designed specifically for passwords. The key difference is intentional slowness.
It has a cost factor, sometimes called a work factor, that controls how computationally expensive each hash computation is.
The same password takes milliseconds with MD5 and seconds with bcrypt. At scale, that difference makes automated cracking attacks impractical.
A wordlist with 56 passwords takes MD5 a fraction of a millisecond. The same list against bcrypt takes several seconds. Scale that to millions of passwords and the attack stops being viable on normal hardware.
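To make the “fast hash versus work factor” point above measurable, here is an added example (not the article’s lab code) that stores a password with a tunable cost and compares guesses per second against unsalted MD5. bcrypt itself lives in the third-party `bcrypt` package, so this example swaps in PBKDF2-HMAC-SHA256 from the Python standard library; it has the same two properties the text relies on, a per-user salt and a cost parameter, and the record format with the cost embedded mirrors how bcrypt records carry their cost factor. The passwords and iteration counts are constructed values.

```python
import hashlib
import hmac
import secrets
import time

# Assumption: PBKDF2-HMAC-SHA256 stands in for bcrypt. Both carry a per-user
# salt and a cost parameter; only the cost-per-guess numbers differ.


def md5_hex(text: str) -> str:
    """The fast, unsalted hash from the sections above, used as the baseline."""
    return hashlib.md5(text.encode()).hexdigest()


def slow_hash(password: str, salt: bytes, iterations: int) -> bytes:
    """One deliberately expensive hash computation; iterations is the work factor."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def make_record(password: str, iterations: int = 200_000) -> str:
    """Stored form: algorithm, cost, salt and hash in one string, so the cost
    can be raised for new records without invalidating old ones."""
    salt = secrets.token_bytes(16)
    digest = slow_hash(password, salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify(password: str, record: str) -> bool:
    """Recompute with the stored salt and cost; constant-time compare."""
    algo, iterations, salt_hex, digest_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        return False
    candidate = slow_hash(password, bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate.hex(), digest_hex)


def guesses_per_second(hash_one, trials: int) -> float:
    """Time `trials` calls of a zero-argument hash function."""
    start = time.perf_counter()
    for _ in range(trials):
        hash_one()
    return trials / (time.perf_counter() - start)


def slowdown_factor(iterations: int = 200_000) -> float:
    """How many times fewer guesses per second the work factor allows on this
    machine, compared with unsalted MD5. Constructed candidate password."""
    salt = secrets.token_bytes(16)
    fast = guesses_per_second(lambda: md5_hex("password123"), 20_000)
    slow = guesses_per_second(lambda: slow_hash("password123", salt, iterations), 5)
    return fast / slow


if __name__ == "__main__":
    record = make_record("correct horse battery", 200_000)
    print("stored record:", record[:40] + "...")
    print("right password:", verify("correct horse battery", record))
    print("wrong password:", verify("password123", record))
    print(f"MD5 guesses/s:     {guesses_per_second(lambda: md5_hex('x'), 20_000):,.0f}")
    print(f"slowdown at 200k:  {slowdown_factor(200_000):,.0f}x")
```

Run it once and you will see the economics the article describes: the fast hash allows on the order of a million guesses per second from plain Python, the slow one a few dozen, and every user’s salt means that cost is paid once per guess per account. Raising the cost parameter is the only knob that grows with hardware, which is why a stored record has to carry it.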
Note: There is an even newer standard, Argon2, but bcrypt is still widely used.
What you are about to do
It’s time to get some hands-on experience.
The lab below uses a real Docker environment, real password hashes, and a real dictionary attack script.
You will crack three passwords in under a second. You will watch one password survive because it is not in the wordlist. You will see bcrypt slow everything down to a crawl.
Theory tells you this happens.
And the biggest benefit? Next time you’re in an interview, you will have a nice personal project to talk about.
The lab is waiting. Subscribe to access the full step-by-step walkthrough below.