Top Ten Most Easily Guessed Passwords

Monday, November 21, 2011

Headlines

69dafe8b58066478aea48f3d0f384820

 

Are you using the password “password” or “123456″?

If so congratulations, you are using one of the top two worst and easiest to guess passwords on the internet.

Splashdata creates an annual list of the worst passwords to use on the net, and here are the top 10 for 2011:

1.  password
2.  123456
3.  12345678
4.  qwerty
5.  abc123
6.  monkey
7.  1234567
8.  letmein
8.  trustno1
10. dragon

If you are using any of these or the other 15 on the top 25 list, change them now.

This is very interesting, but how does this compare to lists that have been released from actual hacker attacks? Surely no one would use ‘password’ or ’123456′ as a password in real life.

Or would they? Last year the Wall Street Journal released a list of the top 50 passwords pulled from the Gawker Media hack.

Gawker Media runs numerous websites including the popular Lifehacker, and Gizmodo sites. The hackers publicly posted a list of user names, e-mail addresses, and you guessed it, passwords.

The top 10?

1.  123456
2.  password
3.  12345678
4.  lifehack
5.  qwerty
6.  abc123
7.  111111
8.  monkey
9.  consumer
10. 12345

And if we expand the Gawker password list to include 12 – 14 we also get:

1.  letmein
2.  trustno1
3.  dragon

Do you see any passwords that match between those two lists? How about most of them…

The majority of these make sense, common keys next to each other, and common phrases, but what is up with “monkey” and “dragon”?

The best bet when creating a strong password is to use a long complex sequence of upper and lowercase letters, numbers  and symbols.

Something like:  [P1ckledP!gsF@@T&4aM]

Also, don’t use the same password for several sites, or use your work passwords at home. Using complex passwords will go a long way in securing your online activities.

Source:  http://cyberarms.wordpress.com/2011/11/21/25-passwords-not-to-use-on-the-internet/

Possibly Related Articles:
18381
Network Access Control
Passwords Authentication Access Control internet Headlines hackers online safety
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.