In ep #83 +Joe Ressington
assures us that the passwords for the 2 million ubuntu forums accounts were stolen, and that they were out there and someone could decrypt them. This is 100% false.
The passwords stored in the forums were not actual passwords or hashed passwords, but randomly generated strings. The Ubuntu forums uses Ubuntu SSO (an entirely separate service) for authenticating users. So the forums users passwords aren't even stored in vBulletin at all.
When users are created though, the password field in the database is "required" so gets filled with junk. We can't fill them all with the same "This is not a password" text because vBulletin requires them to differ, hence why they're all random junk. So, no, the passwords for those 2 million accounts absolutely were not leaked, even in an encrypted form, because they're not there to leak.