UNIX Co-Founder Ken Thompson’s BSD Password Finally Cracked


Ken Thompson, who co-created the popular operating system Unix along with Dennis Ritchie, remains a revered figure in the field of computer science. In 2014, famous open-source developer Leah Neukirchen got her hands on a /etc/password file from a BSD 3 source tree. It contained hashed passwords of some big names like Dennis Ritchie, Steve Bourne, Ken Thompson, Brian W. Kernighan in the computer science field.

Neukirchen tried cracking the passwords out of curiosity as the passwords were sealed with a DES-based crypt(3) algorithm, which is now considered easy to crack.

She was successful in cracking passwords of most of the personalities on the list except five passwords. Out of the uncracked passwords, Neukirchen was most curious about Ken Thompson’s password.

Neukirchen tried combinations of all lower-case letters and digits spending a lot of days but failed to get the password. The topic was raised on The Unix Heritage Society mailing list this month when Neukirchen reminded everyone how frustrated she is about Thompson’s uncracked password.

Posting in the society’s mailing list thread, she wrote: ” never managed to crack ken’s password with the hash ZghOT0eRm4U9s, and I think I enumerated the whole 8 letter lowercase + special symbols key space.

Ken’s Password – An Absolute Genius

Six days later, a forum member named Nigel Williams achieved the success and wrote “Ken is done” in the forum along with the plaintext password of Ken Thompson — “p/q2-q4!” (excluding the quotation mark).

Once the password was cracked, forum members pointed out that the password is a descriptive notation of a common opening move in Chess. Ken contributed to the development of computer Chess, and that explains the genius that Ken was.

It took Nigel more than four days on an AMD Radeon RX Vega64 system running hashcat ( a password cracking tool) at about 930MH/s (Million Hashes per second).

Weak Passwords Of Notable Computer Scientists

Interestingly, the passwords used by popular computer scientists were fairly weak. For example, Dennis Ritchie used “dmac” wherein “mac” denotes his middle name — MacAlistair.

Stephen R. Bourne, the creator of Bourne shell command, used “bourne” as the password. Eric Schmidt, the executive chairman of Google’s parent company Alphabet, used “wendy” which is his wife’s name.

Brian W. Kernighan, who co-authored the first book on C programming with Dennis Ritchie, had the weakest password of the lot. His hashed password, when cracked, resulted in “/.,/.,” which is a combination of three adjacent keys on a qwerty keyboard.

You can see the passwords here.

Also Read: The Curious Case of First Apple Card ‘Fraud’
Anmol Sachdeva

Anmol Sachdeva

Anmol is a tech journalist who handles reportage of cybersecurity and Apple and OnePlus devices at Fossbytes. He's an ambivert who is striving hard to appease existential crisis by eating, writing, and scrolling through memes.
More From Fossbytes

Latest On Fossbytes