2010-01-16, 06:48 PM
BombsAway Wrote:Wait, what does that mean? I mean, I know what a hash is and stuff but in the bigger picture what does that mean?
Those hashes are the same format as Nexon's DB stores protected passwords in, and PINs are stored in plain text in the same table.
If all the people who were just walked through like I was also just happen to have their password in those cross reference/decrypt tables at rednoize (which mine apparently was as well, surprisingly) it increases the likelihood that the hacker had/has some way of retrieving all the password hashes and PINs. Granted there are sites other than rednoize, and independent rainbow tables also exist, but it's as good of a "quick sanity check" as we have available to us.
The more people who aren't in those tables, the better the odds that the hacker has some other method that didn't involve access to the database.
At the very least it gives a good idea how secure current/previous passwords are in the event of a DB breach. Anything that can be instantly looked up = zero security.
It's not having what you want - It's wanting what you've got.

