The x4ivygA51F Rabbit Hole

25 Nov 2020 - 2 minute read
categories: notes

I recently read the blog about the 200 most common passwords of 2020. It was also featured in Jon Snader’s recent blog post. When the original post was made, I had glanced at the mysterious x4ivygA51F, which appeared at the 148th spot. But when I read the blog post again and searched for an update on it, no one had been able to figure out what that meant.

There were some guesses. Few folks on reddit and 4chan, guessed that it might be password written in another language. This guess was based on a gizmodo article, which mentions something similar. To confirm this hypothesis, I tried searching for Chinese websites if I could find some mention of this. There was little to no mention of this to be able to confirm this, at least on what is to be found through the indexed web on Google or Bing.

Although, one interesting finding here that I saw no one talk about was a post on the forum of a website called 51haoyou. The post on this forum, which talks about a breach by hackers on January 10, 2019 talks about this specific password. In a footnote on this post, it mentions the following:

Note: x4i***1F is the trial password originally displayed by discuz, and x4ivygA51F is the result of my modification of the display program so that the password is displayed completely. On 2019-10-28, I completed “The server-side program is added to determine whether the user login password is encrypted on the client side, otherwise the php program is interrupted”, “Improved the Discuz mobile version, and also realized that the user password is encrypted on the client side. “Retransmit” time.

I guess that it could mean that the Discuz forum software by default suggests this password somewhere on the registration page. Or administratively this is set to be the default password somewhere by this BB software. Using the Cangjie input method, I found those keystrokes build and translate to Question 1. Something similar does come up on the login page this does come up in terms of security question, although this could be entirely incorrect as I don’t know Chinese or Cangjie. Another guess here is that this is the breach that led to the inclusion of this password in the list itself.