The 25 Worst Passwords

[2048Megabytes]

I found this article and thought it was interesting:

The 25 Worst Passwords on the Internet

By: Ned Potter

Getty Images

If you’re trying to protect your email or your bank account online, the dumbest password you can use is … “password.” This is according to SplashData, a California software firm that happens, among other things, to sell an app that helps you manage your passwords.

The list is one of those things that’s fun to poke through, but security people remind us that we’re more vulnerable online than we like to think, and sometimes we make it easy for the bad guys. Take a look, and if you use one of these, SplashData says it’s probably a good idea to change it.

1. password 2. 123456 3.12345678 4. qwerty 5. abc123 6. monkey 7. 1234567 8. letmein 9. trustno1 10. dragon 11. baseball 12. 111111 13. iloveyou 14. master 15. sunshine 16. ashley 17. bailey 18. passw0rd 19. shadow 20. 123123 21. 654321 22. superman 23. qazwsx 24. michael 25. football

We’ve seen things like this before; back in June, a New York app developer named Daniel Amitay found that of the 10,000 possible numeric pass codes on the iPhone, there were just 10 that represented 15 percent of all the codes he found to be in use. Like the list above, it was predictable: 1234 was the runaway leader, followed by 0000, 2580 (the center column on any phone keypad), 1111, 5555 and so forth.

SplashData offers basic advice: Don’t be so predictable.

–Mix up the characters in a password — use letters, numbers and special characters.

–Longer passwords are better passwords. Try eight characters or more, perhaps two words separated by an underscore or a space.

–Don’t use one password for everything. If someone hacks your Facebook account, your bank account may be next.

To remember them all, they say, an online password manager may be useful. Or you may prefer a scrap of paper in your wallet.

To read article see: http://news.yahoo.com/blogs/abc-blogs/25-worst-passwords-internet-120217146.html

 

[tremmor]

And don't forget to use a virtual keyboard. May be there for your virus program. Could goto start / run / type virtual and may come up. Good for typing credit card numbers and passwords. Doubt if being hacked or monitored.

 

[S.T.A.R.S.]

LoL number 9. "TRUSTNO1" rules!

 

[Hsv_Man]

LoL number 9. "TRUSTNO1" rules!

LOL Agreed "STARS"

But how does this company that writes the article know that these are infact the 25 worst passwords. I would have put alot worse passwords before alot of them. There is just no way that this company would have done the research and is probally just some guy in the basement hands them a printed document and says "here you go here is the 25 worst passwords of all time" then walks away laughing. LOL articles like this are just hearsay.

 

[2048Megabytes]

Articles like this are just hearsay.

I would not completely discount the information. I work as a Level 1 technician in Information Technology. I see "Password1" used as an initial password so Users can then reset their password on their account. Some people aren't so smart about it and may only change it to "Password2" instead. I have also seen variations of "superman" and "dragon" used as passwords.

Edit: Good variations of passwords are things you don't forget. You can replace the letter "s" with a "5" or a "$" symbol. Replace ''o" with zeros, letter "a" with the "@" symbol. I would never use any variation of "password" even if is was "P@$$w0rd". Password is one of the first things a hacker would try.

 

[kobaj]

I'll just leave this here.

*click*

 

[2048Megabytes]

Most places have security in place that will not allow brute force on passwords. 3 to 5 password guesses and the account gets locked out or times out for 15 to 30 minutes.

 

[djarvis1one]

LoL number 9. "TRUSTNO1" rules!

I have to disagree, number 8 "letmein" got a short giggle from me.

 

[1337dingo]

some one was telling me that a teacher once gave the IT guys a note saying "i dont want a password" so thats what they set it to just without spaces haha

 

[bratsos]

About pass, the only matter is the handshake encrypted algorithm.

If the guy success to catch it. No have big matter what combination of password you will enter. Only the size of key. But as usual no one use large keys such... fuewreqfgi@jdopi$huode51AS!2HD
Most of people using keys like this ... h3LLo4743!
That mean Max time before crack it.. is about 72 days...
So the only safely action is to change your key every 70 days...
And now crackers no need access in a super computer...
A fast GPU from a modern graphic card is ideal, for this purposes (cracking on the fly).
A fasr GPU = super computer power proccessing !!!

 

[GaryCantley]

About 18 years ago I was in the Armed Forces.

Every so often safe combinations had to be changed. I had served on two ships with the security officer and he asked my then boss if he could borrow me for the afternoon. No problem.

So, whats the job? Easy, here are all the envelopes with the "old" combinations and here are all the "new" combinations.

There were about 75 in each pile, only two from each pile didnt match, they were his and mine.

So, a memo was sent to everyone to change their combination informing them of what had been done. Following week I was back in his office going through the "new" combinations. About half of them still hadnt been changed.

What hope have we when people are given the chance to be secure but arent.

 

[claptonman]

My school's admin password was "admin backwards."

 

[bratsos]

the most worst pass is on oracle database default passworld --->

SYS CHANGE_ON_INSTALL or INTERNAL

and about of 50% of cases, no one change this password xD

(SYS is account, like SYSTEM...)

At least in apache server default pass is admin

 

[Thanatos]

Our school's mascot is the cowboys, so of course the admin password is 'cowboys#1'. I'm the only one that knows it.

And I believe that ATV Off Road Fury 2's password to unlock everything was 'IGIVEUP'.

 

[jonnyp11]

Our school's mascot is the cowboys, so of course the admin password is 'cowboys#1'. I'm the only one that knows it.

ha, there are a few teahers at our school, mainly coaches, that have and will put the school's hidden wifi's ssd on the whiteboard then the password below. and i don't remember them but they were stupid easy ones.

 

[danthrax]

So, a memo was sent to everyone to change their combination informing them of what had been done. Following week I was back in his office going through the "new" combinations. About half of them still hadnt been changed.

What hope have we when people are given the chance to be secure but arent.

What more can be done to educate the general public on the importance of a secure password that gets changed regularly? Probably not much. It is important to inform people that "hey, there's a slim chance that your password for something might get stolen and a cyber-thief will steal your identity and it will cost you money and a headache... but, there's a chance nonetheless so use a secure password and change it regularly." After that, people are on their own!

 

[Motorcharge]

Heh, I actually used my date of birth for years without a single problem, only exception being my bank account logins.