Jan
22

Poor Password Practices

Michael on January 22nd, 2010
Bookmark and Share

As common as identity theft has become, I am amazed at the poor password practices of many people I interact with.

You: Because I use my significant other’s name as my password?

That’s one example.  But, at least according to this New York Times article, there are far more egregious examples.   When a hacker was able to get into a big web site and decided to post all the passwords, an analysis of the top passwords used featured obvious choices that could easily be guessed.

The number one most commonly used password?  See below:

  • 123456

You: that seems like a pretty easy one to figure out.

I agree, but apparently people figured it was far safer than the second most commonly used password . . . wait for it:

  • 12345

You: Not exactly a tough one.

No.

You: What else did people use?

Besides the incredibly sly password 123456789, the next most common password, and the first one to introduce the complexity that letters create was:

  • password

You: Huh?

The most common password that uses letters was “password”.

You: Seriously?

Yes.  Also, Iloveyou.

You: Excuse me?

Iloveyou.

You: This is out of nowhere. I’m just reading your blog. . . I barely know who you are.  You’re making me uncomfortable.

Sorry, just reporting the news. The next most common password after password is “Iloveyou”.

You: Oh. I knew that.

I know.  It doesn’t get much prettier after that (although “princess” is a top 10 password too. My, how modest we all are.).

The analysis showed that 20% of all accounts could be opened by trying just 5,000 passwords. Those smart, yet evil, people with computers surely could figure out a way to try 5,000 passwords on your accounts in fairly short order.

The bottom line:

  • “Password” ain’t no password.
  • Don’t tell your bank that you love them (or at least not as a password).
  • Your dog may be your best friend, but his name is a lousy password.

Also, don’t forget: nT09%9bUl2 is a damn good password.  But if it’s on a post-it note attached to your computer, it sucks.

Bookmark and Share

Tags: ,

Posted by Michael Ranting Subscribe to RSS feed

4 Comments to “Poor Password Practices”

  1. Sikat Ang Pinoy says:
    January 24, 2010 at 3:40 am

    I can not blame them because they want password that is easy to understand but the thing is they need to be secure.

  2. bex says:
    February 5, 2010 at 2:03 am

    It is also possible that most people just don’t consider the data on RockYou.com to be all that important. I would be more impressed if this list was from something people cared about, like a bank site.

  3. Michael says:
    February 5, 2010 at 9:44 am

    @bex: LOL! I bet their some truth to your theory, yet I strongly suspect password practices are nearly as poor when more is at stake. Good comment, thanks.

  4. Paula Jameson says:
    February 6, 2010 at 9:02 pm

    Internet users are still unwilling to sacrifice convenience to safeguard their online details, despite the growing amount of online fraud and other types of cyber crime.

    Paula Jameson
    info@loansquickly.co.uk
    http://www.loansquickly.co.uk

Leave a Reply

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>