This is becoming a quarterly topic around here. Imperva has done some statistical analysis of the 32 million passwords which were exposed in the Rockyou.com security breach:
Key findings of the study include:
* The shortness and simplicity of passwords means many users select credentials that will make them susceptible to basic forms of cyber attacks known as “brute force attacks.”
* Nearly 50% of users used names, slang words, dictionary words or trivial passwords (consecutive digits, adjacent keyboard keys, and so on). The most common password is “123456”.
* Recommendations for users and administrators for choosing strong passwords.
“Everyone needs to understand what the combination of poor passwords means in today’s world of automated cyber attacks: with only minimal effort, a hacker can gain access to one new account every second—or 1000 accounts every 17 minutes,” explained Imperva’s CTO Amichai Shulman.
The report identifies the most commonly used passwords:
1. 123456
2. 12345
3. 123456789
4. Password
5. iloveyou
6. princess
7. rockyou
8. 1234567
9. 12345678
10. abc123
So there you go — all the tools you need to be a world-class password cracker.
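Seen from the administrator's side, the trivial classes the study names (the top-10 list, consecutive digits, adjacent keyboard keys) can be rejected when a password is set. The following is an added example, not code from Imperva's report or from this post; the function names, the US QWERTY layout, the 8-character minimum and the sample list are assumptions made for illustration.

```python
from collections import Counter

# The ten most common passwords as listed in the report excerpt above (lowercased).
TOP_10 = frozenset({
    "123456", "12345", "123456789", "password", "iloveyou",
    "princess", "rockyou", "1234567", "12345678", "abc123",
})
# US QWERTY rows, used to spot "adjacent keyboard keys" (layout is an assumption).
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")
MIN_LENGTH = 8  # assumed policy value, not taken from the report


def _is_run(pw, alphabet):
    """True if pw (3+ chars) is a contiguous slice of alphabet, in either direction."""
    return len(pw) >= 3 and (pw in alphabet or pw[::-1] in alphabet)


def weakness(password):
    """Return why a password is trivially weak, or None if no check fires."""
    pw = password.lower()
    if pw in TOP_10:
        return "top-10 list"
    if pw.isdigit() and _is_run(pw, "0123456789"):
        return "consecutive digits"
    if any(_is_run(pw, row) for row in KEYBOARD_ROWS):
        return "adjacent keyboard keys"
    if len(pw) < MIN_LENGTH:
        return "too short"
    return None


def audit(candidates):
    """Count rejected candidates per reason; accepted ones are not counted."""
    return Counter(r for r in map(weakness, candidates) if r is not None)


# Constructed sample input, not data from the breach.
SAMPLE = ["123456", "Password", "234567", "qwerty", "asdfgh", "abc", "Tr0ub4dor&3x"]

if __name__ == "__main__":
    for reason, count in audit(SAMPLE).most_common():
        print(f"{reason}: {count}")
```

Names, slang and dictionary words, the other classes in the same finding, need a wordlist lookup and are not covered by this sketch.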
That’s funny, as our IT guy at work has asked me several times to tone down my password. Apparently “SuckMyFurryLeftButtockYouKnuckleDraggingPutzWanker69” is thought by some to be inappropriate. It must be the “69” part.
Comment by Lickmuffin — January 21, 2010 @ 15:30