The Saudi Arabian hacker group that claimed it hacked Facebook founder Mark Zuckerberg’s Twitter and Pinterest accounts did it the old fashioned way. It guessed his password. Using the now infamous LinkedIn breach as a starting point. The group, OurMine, said Zuckerberg’s LinkedIn password was DaDaDa. This points to Zuckerberg as a big Police fan (see below) or just a man who takes his fatherhood seriously.
But since Zuckerberg hasn’t discussed any sort of fascination with Sting and he hasn’t used those accounts since 2012 (before he became a father), how did OurMine know? The LinkedIn breach produced SHA1-hashed credentials — encrypted, they still needed work to be broken into usable form for access. SHA-1 stands for Secure Hash Algorithm. It was designed by the NSA. An SHA-1 hash is “typically rendered as a hexadecimal number, 40 digits long.” according to Wikipedia, which follows that description with the sentence: “SHA-1 is no longer considered secure against well-funded opponents.”
