Jump to content

Photo

2012 list of worst passwords

worst password top 25 2012 security computer it

  • Please log in to reply
28 replies to this topic

#1 SpleenBeGone

SpleenBeGone

    Deer Leader of the Goriest Revolution

  • Administrators
  • 14,932 posts
  • LocationHouston

Posted 25 October 2012 - 07:59 AM

  • password (unchanged)
  • 123456 (unchanged)
  • 12345678 (unchanged)
  • abc123 (up 1)
  • qwerty (down 1)
  • monkey (unchanged)
  • letmein (up 1)
  • dragon (up 2)
  • 111111 (up 3)
  • baseball (up 1)
  • iloveyou (up 2)
  • trustno1 (down 3)
  • 1234567 (down 6)
  • sunshine (up 1)
  • master (down 1)
  • 123123 (up 4)
  • welcome (new)
  • shadow (up 1)
  • ashley (down 3)
  • football (up 5)
  • Jesus (new)
  • michael (up 2)
  • ninja (new)
  • mustang (new)
  • password1 (new)

nmjUGDL.jpg

#2 Guest_ElatedOwl_*

Guest_ElatedOwl_*
  • Guests

Posted 25 October 2012 - 08:09 AM

Some of these are coherent - but monkey? dragon? ashley? People are stupid. :x

#3 SpleenBeGone

SpleenBeGone

    Deer Leader of the Goriest Revolution

  • Administrators
  • 14,932 posts
  • LocationHouston

Posted 25 October 2012 - 08:11 AM

I've had to tell multiple people at work not to use monkey.
nmjUGDL.jpg

#4 Bowsette

Bowsette

    Tentacular!

  • Members
  • 4,049 posts

Posted 25 October 2012 - 08:16 AM

There should be something that senses these and refuses to accept them >.>

LL1Yc5i.gif

“Shimatta! Bare… nan no koto kashira?”


#5 SpleenBeGone

SpleenBeGone

    Deer Leader of the Goriest Revolution

  • Administrators
  • 14,932 posts
  • LocationHouston

Posted 25 October 2012 - 08:20 AM

Some password fields will, it can be done.
nmjUGDL.jpg

#6 Guest_ElatedOwl_*

Guest_ElatedOwl_*
  • Guests

Posted 25 October 2012 - 08:23 AM

There should be something that senses these and refuses to accept them >.>

I've thought about doing something like that but I'm worried about the usability issue. A lot of people will use the same password for every site so they can remember it; they register for the site and three months down the road they can't remember their password. If that happens to me I'm more likely to leave and not come back than I am to go through a password recovery process.

I guess I design with the philosophy of protect the user unless it severely inconveniences them.

#7 Jesse Custer

Jesse Custer

    Kilobyte

  • Members
  • 184 posts
  • LocationXanth

Posted 25 October 2012 - 08:23 AM

  • password666 (unchanged)
  • 123456666 (unchanged)
  • 12345678666 (unchanged)
  • abc123666 (up 1)
  • qwerty666 (down 1)
  • monkey666 (unchanged)
  • letmein666 (up 1)
  • dragon666 (up 2)
  • 111111666 (up 3)
  • baseball666 (up 1)
  • iloveyou666 (up 2)
  • trustno1666 (down 3)
  • 1234567666 (down 6)
  • sunshine666 (up 1)
  • master666 (down 1)
  • 123123666 (up 4)
  • welcome666 (new)
  • shadow666 (up 1)
  • ashley666 (down 3)
  • football666 (up 5)
  • Jesus666 (new)
  • michael666 (up 2)
  • ninja666 (new)
  • mustang666 (new)
  • password1666 (new)


/fixt.

#8 Krankykoala

Krankykoala

    Terabyte

  • Members
  • 1,620 posts

Posted 25 October 2012 - 08:45 AM

I've thought about doing something like that but I'm worried about the usability issue. A lot of people will use the same password for every site so they can remember it; they register for the site and three months down the road they can't remember their password. If that happens to me I'm more likely to leave and not come back than I am to go through a password recovery process.

I guess I design with the philosophy of protect the user unless it severely inconveniences them.

password recovery process on most sites takes 10-30 seconds to be into your account again with a new password. I would hardly consider that a severe inconvenience. Particularly because the password is there to protect YOU.

First they came for the Socialists, and I did not speak out-- Because I was not a Socialist.

Then they came for the Trade Unionists, and I did not speak out-- Because I was not a Trade Unionist.

Then they came for the Jews, and I did not speak out-- Because I was not a Jew.

Then they came for me-- and there was no one left to speak for me.


#9 Guest_ElatedOwl_*

Guest_ElatedOwl_*
  • Guests

Posted 25 October 2012 - 08:54 AM

password recovery process on most sites takes 10-30 seconds to be into your account again with a new password. I would hardly consider that a severe inconvenience. Particularly because the password is there to protect YOU.

Heh, it doesn't matter if it's actually easy to do or not, but it's demotivating. They've done massive studies on this kind of thing. Let me see if I can find a link about this kind of thing... I'm thinking of one in particular where an e-commerce site tripled their sales by not requiring users to register to buy stuff.

#10 Guest_ElatedOwl_*

Guest_ElatedOwl_*
  • Guests

Posted 25 October 2012 - 09:00 AM

Here it is, the $300 million dollar button.

Repeat customers weren't any happier. Except for a very few who remembered their login information, most stumbled on the form. They couldn't remember the email address or password they used. Remembering which email address they registered with was problematic - many had multiple email addresses or had changed them over the years.

When a shopper couldn't remember the email address and password, they'd attempt at guessing what it could be multiple times. These guesses rarely succeeded. Some would eventually ask the site to send the password to their email address, which is a problem if you can't remember which email address you initially registered with.

(Later, we did an analysis of the retailer's database, only to discover 45% of all customers had multiple registrations in the system, some as many as 10. We also analyzed how many people requested passwords, to find out it reached about 160,000 per day. 75% of these people never tried to complete the purchase once requested.)


tl:dr; 75% of people requested a password reset and decided they no longer wished to purchase something.

#11 SpleenBeGone

SpleenBeGone

    Deer Leader of the Goriest Revolution

  • Administrators
  • 14,932 posts
  • LocationHouston

Posted 25 October 2012 - 09:02 AM

People are lazy. >.>
nmjUGDL.jpg

#12 Calvary

Calvary

    Conceptual

  • Members
  • 6,624 posts
  • Locationwww.

Posted 25 October 2012 - 09:15 AM

My password is one of those. >_>

tumblr_om7nwjm5Wm1rsea1wo1_500.gif
Ask for my discord/Insta/Tumblr if you want.


#13 SpleenBeGone

SpleenBeGone

    Deer Leader of the Goriest Revolution

  • Administrators
  • 14,932 posts
  • LocationHouston

Posted 25 October 2012 - 09:16 AM

I know which one. <.<
nmjUGDL.jpg

#14 Calvary

Calvary

    Conceptual

  • Members
  • 6,624 posts
  • Locationwww.

Posted 25 October 2012 - 09:19 AM

I know you know. >_>

tumblr_om7nwjm5Wm1rsea1wo1_500.gif
Ask for my discord/Insta/Tumblr if you want.


#15 SpleenBeGone

SpleenBeGone

    Deer Leader of the Goriest Revolution

  • Administrators
  • 14,932 posts
  • LocationHouston

Posted 25 October 2012 - 09:21 AM

DUN DUN DUN!
nmjUGDL.jpg

#16 Calvary

Calvary

    Conceptual

  • Members
  • 6,624 posts
  • Locationwww.

Posted 25 October 2012 - 09:28 AM

Green Giant.

tumblr_om7nwjm5Wm1rsea1wo1_500.gif
Ask for my discord/Insta/Tumblr if you want.


#17 Wolf

Wolf

    Zettabyte

  • Members
  • 6,487 posts

Posted 25 October 2012 - 08:15 PM

The password is...

password





That's some Sarge crap right there

#18 LD50

LD50

    Mechromancer

  • Members
  • 2,053 posts
  • LocationDown the rabbit hole.

Posted 25 October 2012 - 08:34 PM

speaking of having to use the change password function, your site has a terrible captcha >.> it takes me over ten minutes (at least) to find one that i can actually see when i forget my password here.

#19 Affray

Affray

    Knower of things

  • Members
  • 5,598 posts
  • LocationThe Great White North

Posted 25 October 2012 - 11:41 PM

I have an uncommon password, but when I want to use one that is nigh uncrackable I just use an accented letter or two, no one ever uses them or thinks to.

It is perfectly acceptable to fear and admire a being you could not possibly understand.


#20 SpleenBeGone

SpleenBeGone

    Deer Leader of the Goriest Revolution

  • Administrators
  • 14,932 posts
  • LocationHouston

Posted 26 October 2012 - 08:29 AM

The password is...

password





That's some Sarge crap right there

:lol: Yep


speaking of having to use the change password function, your site has a terrible captcha >.> it takes me over ten minutes (at least) to find one that i can actually see when i forget my password here.

Sadly, those are the ones that work best. >.>


I have an uncommon password, but when I want to use one that is nigh uncrackable I just use an accented letter or two, no one ever uses them or thinks to.

That's a good plan.
nmjUGDL.jpg





Also tagged with one or more of these keywords: worst, password, top, 25, 2012, security, computer, it