Jump to content

Photo

'password' is among the most popular passwords


  • Please log in to reply
20 replies to this topic

#1 SushiKitten

SushiKitten

    Coffee Cat

  • Members
  • 1,916 posts
  • LocationCanada

Posted 16 December 2013 - 07:17 PM

So I've been working on my work term report the past few days (which isn't nearly done and needs to be by tomorrow so my supervisor can read and approve it), and I stumbled upon an interesting story:

 

http://www.bbc.co.uk...nology-24821528

 

Basically, Adobe got hacked, info from 150 million accounts stolen, someone from a security company analysed the hashed passwords, determined the top passwords in the group. 'password', '123456', and 'adobe123' are among the top.

 

Just goes to show if you don't force people to choose strong passwords, they won't.

 

EDIT: Just a mini rant to add to this. I've been working with my university IT help desk since September, and the amount of calls I get complaining that they're forced to change their password every six months is.. ugh. It's because of this! People think that changing your password doesn't help with security at all but if you were to fall for a phishing scam, or if your information was stolen like in this story, you may very well never know because they don't want you to, and they'll have access to that account until you change your password. And using the same password across different sites could cause havoc on your life, especially email addresses, facebook, and online bank accounts.



#2 I'mANerdAndProud

I'mANerdAndProud

    Byte

  • Members
  • 19 posts

Posted 16 December 2013 - 07:18 PM

This makes me so angry, why do people have to hack passwords? Why can't people be nice?



#3 SpleenBeGone

SpleenBeGone

    Deer Leader of the Goriest Revolution

  • Administrators
  • 14,951 posts
  • LocationHouston

Posted 16 December 2013 - 07:20 PM

I'm pretty sure iamgod and monkey are in the top 10 as well.


nmjUGDL.jpg

#4 SushiKitten

SushiKitten

    Coffee Cat

  • Members
  • 1,916 posts
  • LocationCanada

Posted 16 December 2013 - 07:29 PM

I'm pretty sure iamgod and monkey are in the top 10 as well.

I think letmein is another one too, and who can forget good ol' qwerty lol



#5 SpleenBeGone

SpleenBeGone

    Deer Leader of the Goriest Revolution

  • Administrators
  • 14,951 posts
  • LocationHouston

Posted 16 December 2013 - 07:35 PM

It's amazing how simple most passwords are. :lol:


nmjUGDL.jpg

#6 (V) (`m`) (V) ︵ ┻━┻

(V) (`m`) (V) ︵ ┻━┻

    Forever in debt to your priceless advice.

  • Members
  • 10,996 posts
  • LocationThey're coming to take me away..

Posted 16 December 2013 - 07:37 PM

I like to randomly pick out a word and number combination that mean nothing to me.

But inevitably i stick with the tried and true curse words because those i remember.

ΝΙΨΟΝ ΑΝΟΜΗΜΑΤΑ ΜΗ ΜΟΝΑΝ ΟΨΙΝ

obazNZl.gif


#7 SushiKitten

SushiKitten

    Coffee Cat

  • Members
  • 1,916 posts
  • LocationCanada

Posted 16 December 2013 - 07:43 PM

I like to randomly pick out a word and number combination that mean nothing to me.

But inevitably i stick with the tried and true curse words because those i remember.

Ahaha we have an sweet old lady who comes to the help desk sometimes because she can't get something working, she's not worried about giving you her password, it's usally along the lines of 'Fuck1you'.. 

 

I've always thought about doing the 'correcthorsebatterystaple' thing but I could never come up with a set of four words I'd remember.



#8 (V) (`m`) (V) ︵ ┻━┻

(V) (`m`) (V) ︵ ┻━┻

    Forever in debt to your priceless advice.

  • Members
  • 10,996 posts
  • LocationThey're coming to take me away..

Posted 16 December 2013 - 07:46 PM

Thatdoesntgothere.

ΝΙΨΟΝ ΑΝΟΜΗΜΑΤΑ ΜΗ ΜΟΝΑΝ ΟΨΙΝ

obazNZl.gif


#9 SushiKitten

SushiKitten

    Coffee Cat

  • Members
  • 1,916 posts
  • LocationCanada

Posted 16 December 2013 - 07:51 PM

Thatdoesntgothere.

I don't know, I just found a generator (http://correcthorsebatterystaple.net/) and it's hard to beat DeadGoatGoForth9



#10 (V) (`m`) (V) ︵ ┻━┻

(V) (`m`) (V) ︵ ┻━┻

    Forever in debt to your priceless advice.

  • Members
  • 10,996 posts
  • LocationThey're coming to take me away..

Posted 16 December 2013 - 07:52 PM

Oh man.. first go.. Explosive-Shilling-Adopt-Wicked-10. That thing is incredible.

ΝΙΨΟΝ ΑΝΟΜΗΜΑΤΑ ΜΗ ΜΟΝΑΝ ΟΨΙΝ

obazNZl.gif


#11 No-Danico

No-Danico

    Danger Zone

  • Members
  • 1,776 posts
  • LocationGA, USA

Posted 16 December 2013 - 08:29 PM

 

Mel Brooks is never not always relevant.

 

Best that popped up: Influential-Family-Kiss-mud-1


ElectricSevereKatydid.gif

My first novel, Seeds of Magic- Barnes & Noble, Smashwords, Kobo, Sony Store


 


#12 seakingtheonixpected

seakingtheonixpected

    Gigabyte

  • Members
  • 986 posts
  • LocationSomewhere beyond the sea

Posted 17 December 2013 - 07:14 AM

Getting hack is one of those things you don't really think about until after it happens. It is probably bad that I only really cycle through 4 different passwords.

 

here is an XKCD comic that is sort of relevant!

http://xkcd.com/936/



#13 SpleenBeGone

SpleenBeGone

    Deer Leader of the Goriest Revolution

  • Administrators
  • 14,951 posts
  • LocationHouston

Posted 17 December 2013 - 07:45 AM

There's always a relevant xkcd.


nmjUGDL.jpg

#14 Calvary

Calvary

    Conceptual

  • Members
  • 6,624 posts
  • Locationwww.

Posted 17 December 2013 - 12:25 PM

I'msorryDaveI'mafraidIcan'tdothat

 

I should start changing my passwords more I think. I used to use the same password for every site I was ever on from 2006-2011, I'm starting to create new ones for new sites I go on but damn, I didn't realise the severity of not shaking things up.


tumblr_om7nwjm5Wm1rsea1wo1_500.gif
Ask for my discord/Insta/Tumblr if you want.


#15 Champion of Cyrodiil

Champion of Cyrodiil

    Gigabyte

  • Members
  • 776 posts
  • LocationVirginia

Posted 17 December 2013 - 03:17 PM

I had a computing environment I setup that had to pass a special inspection process covering Active Directory's Group Security Policies in addition to other security checks.

 

The minimum required length for a password was 15 characters, and had to contain, at least 1 Upper, 1 lower, 1 special and 1 number. So somthing like this: P@ssw0rdsaresoawesomesauce.

 

The client laptops all had fingerprint readers.  I found a setting in the active directory policy that would allow directory login using a biometric latent.  So I asked if we could enable the use of biometric logins within the small private domain that is NOT connected to the web.

 

He said that was a good question and of all the sites he inspects, nobody had asked that yet.  So he had to go back to his agency and find out the answer.

 

The answer was, "You can authorize the biometric login WITH the additional requirement of entering a password, but you can't have just the biometric login by itself."

 

My response was, "typical."



#16 seakingtheonixpected

seakingtheonixpected

    Gigabyte

  • Members
  • 986 posts
  • LocationSomewhere beyond the sea

Posted 17 December 2013 - 03:26 PM

you don't even need to know someones password to get into a lot of accounts.

 

If they put favorite food as a security question it is usually pizza.

 

It was great, there was this copypasta image going around Facebook a while back that went something like "How well do my friends actually know me, see if you can answer these questions."

 

All of the questions were questions that security questions would normally ask.



#17 Champion of Cyrodiil

Champion of Cyrodiil

    Gigabyte

  • Members
  • 776 posts
  • LocationVirginia

Posted 17 December 2013 - 03:27 PM

you don't even need to know someones password to get into a lot of accounts.

 

If they put favorite food it is usually pizza.


And any other questions are usually on their Facebook.



#18 Calvary

Calvary

    Conceptual

  • Members
  • 6,624 posts
  • Locationwww.

Posted 17 December 2013 - 04:57 PM

When I applied for a Visa, the security question was reaaally cryptic, Grandmother's maiden name, favourite historical figure, that sort of thing. Not the normal, 'what was your first pet called' type question.


tumblr_om7nwjm5Wm1rsea1wo1_500.gif
Ask for my discord/Insta/Tumblr if you want.


#19 Krankykoala

Krankykoala

    Terabyte

  • Members
  • 1,629 posts

Posted 19 December 2013 - 10:24 PM

my passwords are usually sentences, and lately I have been changing what language the sentence is written in whenever I actually change a password


First they came for the Socialists, and I did not speak out-- Because I was not a Socialist.

Then they came for the Trade Unionists, and I did not speak out-- Because I was not a Trade Unionist.

Then they came for the Jews, and I did not speak out-- Because I was not a Jew.

Then they came for me-- and there was no one left to speak for me.


#20 Benihime

Benihime

    Megabyte

  • Members
  • 683 posts
  • LocationDee. Eff. Dub.

Posted 22 December 2013 - 10:14 PM

Court-Mad-Funeral-Misery-3

....should be easy to remember....
image-54.jpg