Skip to Content

Smart cryptography may help limit the damage from the MyFitnessPal megabreach

The fitness app uses a technology called bcrypt that will give the hackers a serious headache.
March 30, 2018

It doesn’t look good for Under Armour. The apparel giant and owner of the diet-tracking app MyFitnessPal just suffered one of the biggest data breaches in cybersecurity history, with hackers getting away with information including the usernames, e-mail addresses, and passwords associated with approximately 150 million accounts.

But not all hacks are equally disastrous, and this one could turn out to be less damaging than some other huge leaks thanks to Under Armour’s use of a technology called bcrypt to shield many of the stolen passwords.

To appreciate why bcrypt matters, some background on cryptographic defenses helps. The basic approach to shielding passwords involves “hashing,” which converts them into random strings of characters stored in a database. When someone logs in with a plain-text password, the hashed version of this is checked against the hash of their password retrieved from the database; if there’s a match, access is granted. If hackers break into the database, all they get are the hashes, not the actual passwords.

Hashes aren’t designed to be reversed into plain text, but that doesn’t stop the bad guys from trying. Among the tactics they use are “dictionary attacks,” which involves hashing common passwords and phrases to see if these match the encrypted data that’s been stolen, and “brute-force attacks,” which try every possible combination of characters up to a given length to unravel a hash.

To make hackers’ lives harder, smart defenders often use “salting,” which is crypto-speak for appending randomly generated characters to a plain-text password before it’s hashed. This ensures that no two passwords can have the same hash. While salting is a bane to hackers, they can still try to break individualized ciphers using brute-force and dictionary attacks.

That’s where bcrypt comes in. In addition to using salting, it extends the amount of time it takes to run a hash function by requiring multiple rounds of computation to get to a result. “It’s deliberately designed to be colossally slow,” explains Paul Kocher, senior technology advisor at Rambus and a well-known cryptography expert.

“Slow” here is still measured in milliseconds, so the impact on the user’s experience of logging into an app or site is barely noticeable. But even very small delays can frustrate hackers using high-end computer hardware to try to run through billions of hashes a second. Technologies like bcrypt give businesses more time to respond to a breach, and users more time to change their passwords. Under Armour was smart to use bcrypt, though why it didn’t apply it to all of the passwords associated with MyFitnessApp remains a mystery. (The ones not covered by it were protected using a weaker hashing function known as SHA-1.)

The fact that bcrypt can only delay hackers, not thwart them altogether, means it’s still really important to change passwords fast if you’re notified that a service you use has been breached, and to avoid using the same password across multiple applications. It’s also why it pays to use hard-to-guess passwords rather than common ones that can be quickly unpicked by hash-cracking hackers.

Deep Dive


Conceptual illustration of quantum computing circuity, in multiple colors
Conceptual illustration of quantum computing circuity, in multiple colors

Quantum computing has a hype problem

Quantum computing startups are all the rage, but it’s unclear if they’ll be able to produce anything of use in the near future.

winning team for Pwn2own 2022
winning team for Pwn2own 2022

These hackers showed just how easy it is to target critical infrastructure

Two Dutch researchers have won a major hacking championship by hitting the software that runs the world’s power grids, gas pipelines, and more. It was their easiest challenge yet.

child outside a destroyed residential building in Kiev
child outside a destroyed residential building in Kiev

Russia hacked an American satellite company one hour before the Ukraine invasion

The attack on Viasat showcases cyber’s emerging role in modern warfare.

Russia is risking the creation of a “splinternet”—and it could be irreversible

If Russia disconnects from—or is booted from— the internet’s governing bodies, the internet may never be the same again for any of us.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.