Results 1 to 14 of 14

Thread: News - The 25 worst passwords for your online accounts revealed

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    31,709
    Thanks
    0
    Thanked
    2,073 times in 719 posts

    News - The 25 worst passwords for your online accounts revealed

    If you use one of these passwords it's time to make a change...
    Read more.

  2. #2
    Registered+
    Join Date
    Sep 2005
    Posts
    42
    Thanks
    15
    Thanked
    3 times in 3 posts

    Re: News - The 25 worst passwords for your online accounts revealed

    monkey, dragon and superman... hmm!

    So depressing to see 'password' topping this list, yet oh so predictable too.

  3. #3
    Gordy Gordy's Avatar
    Join Date
    Jul 2003
    Location
    Bristol
    Posts
    3,805
    Thanks
    63
    Thanked
    72 times in 50 posts

    Re: News - The 25 worst passwords for your online accounts revealed

    The issue I have with password always topping this list, is that it is used by people who don't care if that account is stolen. For example you are forced to setup an account to access something for a one off. You make up a silly email address and use password.
    If anything that is just as a secure as using something else as there is no link back to you and you don't care about the account.

    That doesn't cover everything, but a fair portion of password as password could be this?

  4. #4
    WEEEEEEEEEEEEE! MadduckUK's Avatar
    Join Date
    May 2006
    Location
    Lytham St. Annes
    Posts
    17,297
    Thanks
    653
    Thanked
    1,580 times in 1,006 posts
    • MadduckUK's system
      • Motherboard:
      • MSI B450M Mortar
      • CPU:
      • AMD Ryzen 5 3600
      • Memory:
      • 32GB 3200 DDR4
      • Storage:
      • 1x480GB SSD, 1x 2TB Hybrid, 1x 3TB Rust Spinner
      • Graphics card(s):
      • Radeon 5700XT
      • PSU:
      • Corsair TX750w
      • Case:
      • Phanteks Enthoo Evolv mATX
      • Operating System:
      • Windows 10 x64
      • Monitor(s):
      • Samsung SJ55W, DELL S2409W
      • Internet:
      • Plusnet 80

    Re: News - The 25 worst passwords for your online accounts revealed

    If they haven't done it by now...
    Quote Originally Posted by Ephesians
    Do not be drunk with wine, which will ruin you, but be filled with the Spirit
    Vodka

  5. #5
    Now 100% Apple free cheesemp's Avatar
    Join Date
    Apr 2007
    Location
    Near the New forest
    Posts
    2,948
    Thanks
    354
    Thanked
    255 times in 173 posts
    • cheesemp's system
      • Motherboard:
      • ASUS TUF x570-plus
      • CPU:
      • Ryzen 3600
      • Memory:
      • 16gb Corsair RGB ram
      • Storage:
      • 256Gb NVMe + 500Gb TcSunbow SDD (cheap for games only)
      • Graphics card(s):
      • RX 480 8Gb Nitro+ OC (with auto OC to above 580 speeds!)
      • PSU:
      • Cooler Master MWE 750 bronze
      • Case:
      • Gamemax f15m
      • Operating System:
      • Win 11
      • Monitor(s):
      • 32" QHD AOC Q3279VWF
      • Internet:
      • FTTC ~35Mb

    Re: News - The 25 worst passwords for your online accounts revealed

    Reminds me of the old joke in Spaceballs about the key code to planet druidia's shield.
    (Paraphrased for memory):

    Darth Helmet - 12345 - only an idiot would have that on his luggage
    President (Just returning) - Have we got the password
    Darth Helmet - 12345
    President - Damn same code I have on my luggage. I better get it changed.

  6. Received thanks from:

    danroyle (24-11-2011)

  7. #6
    S1L3NT danroyle's Avatar
    Join Date
    Aug 2006
    Location
    sussex
    Posts
    4,243
    Thanks
    145
    Thanked
    186 times in 153 posts
    • danroyle's system
      • Motherboard:
      • N/A
      • CPU:
      • Intel Core I7 4720HQ
      • Memory:
      • 8GB
      • Storage:
      • 128GB SSD +1tb HDD
      • Graphics card(s):
      • Geforce Gtx960m
      • PSU:
      • N/A
      • Case:
      • N/A
      • Operating System:
      • WINDOWS 10 64bit
      • Monitor(s):
      • 15.6" IPS
      • Internet:
      • BT Fibre

    Re: News - The 25 worst passwords for your online accounts revealed

    Quote Originally Posted by cheesemp View Post
    Reminds me of the old joke in Spaceballs about the key code to planet druidia's shield.
    (Paraphrased for memory):

    Darth Helmet - 12345 - only an idiot would have that on his luggage
    President (Just returning) - Have we got the password
    Darth Helmet - 12345
    President - Damn same code I have on my luggage. I better get it changed.
    cheers that made me laugh loved spaceballs as a kid/teenager/ full grown adult


  8. #7
    Gentoo Ricer
    Join Date
    Jan 2005
    Location
    Galway
    Posts
    11,048
    Thanks
    1,016
    Thanked
    944 times in 704 posts
    • aidanjt's system
      • Motherboard:
      • Asus Strix Z370-G
      • CPU:
      • Intel i7-8700K
      • Memory:
      • 2x8GB Corsiar LPX 3000C15
      • Storage:
      • 500GB Samsung 960 EVO
      • Graphics card(s):
      • EVGA GTX 970 SC ACX 2.0
      • PSU:
      • EVGA G3 750W
      • Case:
      • Fractal Design Define C Mini
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • Asus MG279Q
      • Internet:
      • 240mbps Virgin Cable

    Re: News - The 25 worst passwords for your online accounts revealed

    How's about this: }~AW`D5%h\9^y.u3yH8a`18i[s9oi!J.

    Of course, the real problem with a password that complex is that most web services wont even let you use it. Insecurity is inherent to the 'cloud'.

  9. #8
    Senior Member
    Join Date
    Jun 2004
    Location
    Kingdom of Fife (Scotland)
    Posts
    4,991
    Thanks
    393
    Thanked
    220 times in 190 posts
    • crossy's system
      • Motherboard:
      • ASUS Sabertooth X99
      • CPU:
      • Intel 5830k / Noctua NH-D15
      • Memory:
      • 32GB Crucial Ballistix DDR4
      • Storage:
      • 500GB Samsung 850Pro NVMe, 1TB Samsung 850EVO SSD, 1TB Seagate SSHD, 2TB WD Green, 8TB Seagate
      • Graphics card(s):
      • Asus Strix GTX970OC
      • PSU:
      • Corsair AX750 (modular)
      • Case:
      • Coolermaster HAF932 (with wheels)
      • Operating System:
      • Windows 10 Pro 64bit, Ubuntu 16.04LTS
      • Monitor(s):
      • LG Flattron W2361V
      • Internet:
      • VirginMedia 200Mb

    Re: News - The 25 worst passwords for your online accounts revealed

    Problem I have (and I'm assuming that other folks are the same) is that quite a lot of websites put barriers in place to stop you using strong passwords - e.g. "SayNo-2-Hackers!". It's often that I find find low limits on length, and no non-alphanumeric characters.

    Listening to the SecurityNow! podcast (which I find quite good) they seem to recommend the use of these fully-automated password managers. Personally I don't like these and prefer to use something simpler (a secure password storage) that stores the password but doesn't insist on supplying it to the browser itself. Mainly because a lot of banks seem to go in for these "supply characters X, Y and Z from your password" rather than a whole password.

    Actually the software I use - B-Folders - seems to have pretty good encryption, a lot of convenience features, isn't that expensive, and can sync to all my desktop/laptops and mobile phone. If you're using one of these then there really isn't an excuse - other than laziness - for having short/stupid passwords. (And no, I don't work for the folks that do B-Folders).

    Actually, there's an idea - I use B-Folders, and I know about KeePass and Roboform (the latter is one of those products that fills in logins for you), but are there any other password managers out there that fellow Hexus readers rate? Maybe this information would be helpful for folks who want to increase their security.

    Career status: still enjoying my new career in DevOps, but it's keeping me busy...

  10. #9
    cat /dev/null streetster's Avatar
    Join Date
    Jul 2003
    Location
    London
    Posts
    4,138
    Thanks
    119
    Thanked
    100 times in 82 posts
    • streetster's system
      • Motherboard:
      • Asus P7P55D-E
      • CPU:
      • Intel i5 750 2.67 @ 4.0Ghz
      • Memory:
      • 4GB Corsair XMS DDR3
      • Storage:
      • 2x1TB Drives [RAID0]
      • Graphics card(s):
      • 2xSapphire HD 4870 512MB CrossFireX
      • PSU:
      • Corsair HX520W
      • Case:
      • Coolermaster Black Widow
      • Operating System:
      • Windows 7 x64
      • Monitor(s):
      • DELL U2311
      • Internet:
      • Virgin 50Mb

    Re: News - The 25 worst passwords for your online accounts revealed

    Am sure there was some web comic, xkcd or similar where they said that we are taught to create passwords that end up being easy to (bruteforce) crack, yet difficult to remember... and recommended using phrases "ThisIsMyAwesomePassword1$" instead of random gibberish...

    Still... "password" is an easy one to remember and hasn't landed me in much trouble yet

  11. #10
    Senior Member
    Join Date
    Jul 2007
    Posts
    519
    Thanks
    2
    Thanked
    16 times in 14 posts
    • McPhee's system
      • Motherboard:
      • Asus P8H67 Pro
      • CPU:
      • Intel i5 2400
      • Memory:
      • 4GB Crucial DDR3-1033
      • Storage:
      • 128GB Kingston SSDNow V2+
      • Graphics card(s):
      • Asus GTX460
      • PSU:
      • BeQuiet 550W
      • Case:
      • Antec 900
      • Operating System:
      • Windows 7
      • Monitor(s):
      • 19" Samsung 941BW
      • Internet:
      • 1Mbps

    Re: News - The 25 worst passwords for your online accounts revealed

    I was reading an article a while back (I think it was on Lifehacker?) where they basically said the way forward with passwords is to drop the 'word' bit and make them pass phrases. The example they gave was something like 'Johnny went to the shops to buy a pint of milk', which is apparently harder to crack than even good 8-character passwords like 'J/ie3[F4' while still being as easy to remember as commonly used passwords like the ones in this article. Seemed like a fantastic idea to me. It's just a shame that it would be almost impossible to get it implemented universally.

  12. #11
    Senior Member
    Join Date
    Aug 2008
    Posts
    1,894
    Thanks
    92
    Thanked
    84 times in 64 posts
    • miniyazz's system
      • CPU:
      • Acer Aspire 8920G
      • Operating System:
      • Windows 7 Pro
      • Monitor(s):
      • Optoma HD700X projector @ c. 90"
      • Internet:
      • Really, really ****

    Re: News - The 25 worst passwords for your online accounts revealed

    Quote Originally Posted by Gordy View Post
    The issue I have with password always topping this list, is that it is used by people who don't care if that account is stolen. For example you are forced to setup an account to access something for a one off. You make up a silly email address and use password.
    If anything that is just as a secure as using something else as there is no link back to you and you don't care about the account.

    That doesn't cover everything, but a fair portion of password as password could be this?
    Guilty!

    Quote Originally Posted by aidanjt View Post
    How's about this: }~AW`D5%h\9^y.u3yH8a`18i[s9oi!J.

    Of course, the real problem with a password that complex is that most web services wont even let you use it. Insecurity is inherent to the 'cloud'.
    What?!?! *goes off to change password*

  13. #12
    Senior Member
    Join Date
    Mar 2005
    Posts
    4,932
    Thanks
    171
    Thanked
    383 times in 310 posts
    • badass's system
      • Motherboard:
      • ASUS P8Z77-m pro
      • CPU:
      • Core i5 3570K
      • Memory:
      • 32GB
      • Storage:
      • 1TB Samsung 850 EVO, 2TB WD Green
      • Graphics card(s):
      • Radeon RX 580
      • PSU:
      • Corsair HX520W
      • Case:
      • Silverstone SG02-F
      • Operating System:
      • Windows 10 X64
      • Monitor(s):
      • Del U2311, LG226WTQ
      • Internet:
      • 80/20 FTTC

    Re: News - The 25 worst passwords for your online accounts revealed

    Quote Originally Posted by aidanjt View Post
    How's about this: }~AW`D5%h\9^y.u3yH8a`18i[s9oi!J.

    Of course, the real problem with a password that complex is that most web services wont even let you use it. Insecurity is inherent to the 'cloud'.
    Indeed. I have accounts on some sites that require a password between 6 and 8 characters and don't allow you to use special characters. But of course they require you to use at least one number so it's secure - right?

    IIRC one of them's an internet banking site. Their developers need to be shot, frankly.
    "In a perfect world... spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra and are looking for a new relationship."

  14. #13
    Senior Member
    Join Date
    Jun 2004
    Location
    Kingdom of Fife (Scotland)
    Posts
    4,991
    Thanks
    393
    Thanked
    220 times in 190 posts
    • crossy's system
      • Motherboard:
      • ASUS Sabertooth X99
      • CPU:
      • Intel 5830k / Noctua NH-D15
      • Memory:
      • 32GB Crucial Ballistix DDR4
      • Storage:
      • 500GB Samsung 850Pro NVMe, 1TB Samsung 850EVO SSD, 1TB Seagate SSHD, 2TB WD Green, 8TB Seagate
      • Graphics card(s):
      • Asus Strix GTX970OC
      • PSU:
      • Corsair AX750 (modular)
      • Case:
      • Coolermaster HAF932 (with wheels)
      • Operating System:
      • Windows 10 Pro 64bit, Ubuntu 16.04LTS
      • Monitor(s):
      • LG Flattron W2361V
      • Internet:
      • VirginMedia 200Mb

    Re: News - The 25 worst passwords for your online accounts revealed

    Quote Originally Posted by McPhee View Post
    I was reading an article a while back (I think it was on Lifehacker?) where they basically said the way forward with passwords is to drop the 'word' bit and make them pass phrases. The example they gave was something like 'Johnny went to the shops to buy a pint of milk', which is apparently harder to crack than even good 8-character passwords like 'J/ie3[F4' while still being as easy to remember as commonly used passwords like the ones in this article. Seemed like a fantastic idea to me. It's just a shame that it would be almost impossible to get it implemented universally.
    https://www.grc.com/haystack.htm is quite informative - especially if you read the whole page.

    It amused me that apparently "password" would take a brute-force of 6.91 years, whereas the very similar "P@ssw0rd" jumps up to 2130 centuries to b-f.

    Career status: still enjoying my new career in DevOps, but it's keeping me busy...

  15. #14
    Will work for beer... nichomach's Avatar
    Join Date
    Jul 2003
    Location
    Preston, Lancs
    Posts
    6,137
    Thanks
    564
    Thanked
    139 times in 100 posts
    • nichomach's system
      • Motherboard:
      • Gigabyte GA-870A-UD3
      • CPU:
      • AMD Phenom II X6 1055T 95W
      • Memory:
      • 16GB DR3
      • Storage:
      • 1x250GB Maxtor SATAII, 1x 400GB Hitachi SATAII
      • Graphics card(s):
      • Zotac GTX 1060 3GB
      • PSU:
      • Coolermaster 500W
      • Case:
      • Coolermaster Elite 430
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Dell 20" TFT
      • Internet:
      • Virgin Media Cable

    Re: News - The 25 worst passwords for your online accounts revealed

    THIS ?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •