How Hackers Can Crack Your Password Hashes from Email

An article from CSO magazine describes how a hacker can send someone an email and capture their password hash, and then crack it to a plaintext password that can be used to access their accounts. Hashing is the act of converting passwords into unreadable strings of characters that are designed to be impossible to convert back, known as hashes. Cracking the password hash is possible because under easy-to-simulate circumstances, embedded links in an email can cause your computer to try authenticating to a remote server. A remote server might then capture your computer’s authentication attempt and use the resulting captured information to find your password hash and begin cracking it. This finding was a revelation to the cybersecurity expert who wrote the article, and he notes that it would also come as a surprise to many other computer security professionals. Read the full article at CSO.