Aside from the relative ease with which attackers guess passwords, once they have stolen the list of usernames and hashed ( a one-way algorithm used to hide data) passwords, the attacker just checks a dictionary of hashed words against the hashed passwords to find matches.

FORBES: Perhaps Sony should consider strong authentication?