How long can a password be cracked now?

solncebro2019-05-05 16:28:25

Passwords

solncebro, 2019-05-05 16:28:25

Today my twitter account was hacked, even with my caution I can’t get anywhere.
Here is my password that was cracked: 85a6ebaaed6d06ef0a9c45d01f9ff7b5
Of course, I was careless not to include capital letters, at least. And it was also necessary to include special signs, but I'm surprised that a password of such length with numbers was chosen.
I only know the bruteforce method, but as far as I know, a password with numbers longer than 10 characters will be selected by this method for about a year. And here some goldfinches from the Russian Federation hacked the account to tweet shitty advertising. I think they have it all on stream and is done very easily and quickly.
What could be the password? I'll read something to update my awareness on this matter.

Answer the question

In order to leave comments, you need to log in

7 answer(s)

solncebro, 2019-05-06
@solncebro

Thank you all very much for your replies!
Everything turned out to be simple, but unexpected. The other day, I installed several twitter clients (I was looking for the right one for me) from the (!) AppStore. I didn't download it from anywhere on the site, but from the AppStore. It looks like one of the programs sells this data to advertisers, or the owners themselves are arbitrageurs, for whom the main thing is to distribute their links somewhere.
I didn’t think that such applications could get into the AppStore, so I didn’t even immediately understand where the legs were growing from. There are no other options, because very careful on the net, I recognize phishing sites, trojans for MacOS are excluded, as well as add-ons (then all passwords would be taken away, and not just one sleazy twitter), I don’t download anything pirated, I don’t leave passwords on the desktop (everything is encrypted in the password manager) , socially engineering, no one asked me for a password, etc.
In general, by the method of elimination, I came to the conclusion that this is one of the free clients from the AppStore.

VoidVolker, 2019-05-05
@VoidVolker

And who said that he was selected? Usually, the number of login attempts per unit of time is limited, for example, no more than once 10 seconds or per minute. Due to the sheer complexity of today's information systems and the huge number of heterogeneous interacting components, there are many other methods of hacking and gaining access. There are methods such as phishing sites, trojans, social engineering, deep packet inspection, man in the middle, and so on.

Ronald McDonald, 2019-05-05
@Zoominger

Even a password a million characters long will be useless if you store it in a text file on your desktop.

nrgian, 2019-05-05
@nrgian

It was stolen
, but not hacked or picked up.

CityCat4, 2019-05-05
@CityCat4

6.3340286662973277706162286946812e+49
This is the number of options that would need to be sorted out for a password brute (the calculation is very simple - the number of dial characters is 36 to the power of the number of character spaces - 32). Do you think it is realistic for someone or something to sort out such a number of options?
It is corny to sleep it ... or :) There is a lot of similar software that steals passwords :)

Dimonchik, 2019-05-05
@dimonchik2013

now they are poking through browser addons
and the usual classics - trojans - viruses
in toys, porno, books and just pictures