The #1 Password For 2014? 123456

Discussion in 'Forum for discussion of ANTICHAT' started by K800, 21 Jan 2015.

  1. K800

    K800 Nobody's Fool

    25 Dec 2010
    Likes Received:
    SplashData has announced its annual list of the 25 most common passwords found on the Internet – thus making them the “Worst Passwords” that will expose anybody to being hacked or having their identities stolen. In its fourth annual report, compiled from more than 3.3 million leaked passwords during the year, “123456”and “password” continue to hold the top two spots that they have held each year since the first list in 2011. Other passwords in the top 10 include “qwerty,” “dragon,” and “football."

    Presenting SplashData’s “Worst Passwords of 2014”:

    1. 123456 (Unchanged from 2013)
    2. password (Unchanged)
    3. 12345 (Up 17)
    4. 12345678 (Down 1)
    5. qwerty (Down 1)
    6. 1234567890 (Unchanged)
    7. 1234 (Up 9)
    8. baseball (New)
    9. dragon (New)
    10. football (New)
    11. 1234567 (Down 4)
    12. monkey (Up 5)
    13. letmein (Up 1)
    14. abc123 (Down 9)
    15. 111111 (Down 8)
    16. mustang (New)
    17. access (New)
    18. shadow (Unchanged)
    19. master (New)
    20. michael (New)
    21. superman (New)
    22. 696969 (New)
    23. 123123 (Down 12)
    24. batman (New)
    25. trustno1 (Down 1)

    Also in the top 100 are swear words and phrases, hobbies, famous athletes, car brands, and film names.

    We would give you advice on creating a better password but let’s be honest; if you’re reading this you probably know better and if you are using 123456 odds are you don’t read tech news. Ever.

    1 person likes this.
  2. lifescore

    lifescore Elder - Старейшина

    27 Aug 2011
    Likes Received:
    Думаю это последний год "призовой" был для "123456".

    На кануне 2015 заметил прогрессивную тенденцию перехода к более стойким паролям. Ярким пример этого большое кол-во зарубежных сервисов/порталов уже сделали переход к новой политике:
    ( lower + UPPER + Dig ) 8+ symbols
    Да, это возможно не значительно исправит ситуацию, но с другой стороны также и не соглашусь.
    Довольно кардинальные реформы внутри компаний, к тому же делая Юзеров причастными к этому (смена/восстановления/сброс пароля). Заметную часть клиентов теряют компании.

    Однако как-то писал статейку, в которой привел более 11 методов усиления защиты от брутфорса, не вовлекая юзеров абсолютно ничем в процессе улучшения систем защиты.

    И, могу предположить, что с криптографической стороны в данном случае заметно сужается диапазон атаки. Логично, если у пользователя был постоянный пароль < 8 symbols, большинство выберут длину пароля именно 8 символов. А, более продвинутые юзеры и до этого владели вполне стойкими и уникальными паролями.

    Sorry for my english ;)

    I think this is the last year "prize" was to "123456".

    On the eve of 2015 saw a progressive trend of transition to a strong password. A striking example of this is a large number of foreign services / portals have already made the transition to a new policy:
    (Lower + UPPER + Dig) 8+ symbols

    Yes, it can not significantly improve the situation, but on the other hand also do not agree.
    Pretty radical reforms within companies, besides making Users involved in this (change / restore / reset the password). A significant part of the company's customers lose.

    However, once wrote an article, which brought more than 11 methods to strengthen protection against brute force without involving users is absolutely nothing in the process of improving security systems.

    And I assume that with cryptographic hand in this case significantly narrows the range of attack. Logically, if the user was a permanent password <8 symbols, most will choose the length of the password is 8 characters. A more advanced users, and before that owned quite persistent and unique password....
    #2 lifescore, 21 Jan 2015
    Last edited: 21 Jan 2015