21 January 2010

Far too many people still use easy-to-guess passwords. Admittedly, keeping track of multiple passwords for every occasion is difficult, but at least one’s universal password should not be easily guessable!

A lot of people like KeePass (portable) to securely manage their passwords, though I have my own system.

Back at the dawn of the Web, the most popular account password was “12345.”

Today, it’s one digit longer but hardly safer: “123456.”

Mr. Shulman and his company examined a list of 32 million passwords that an unknown hacker stole last month from RockYou… The list was briefly posted on the Web, and hackers and security researchers downloaded it.

Imperva found that nearly 1 percent of the 32 million people it studied had used “123456” as a password. The second-most-popular password was “12345.” Others in the top 20 included “qwerty,” “abc123” and “princess.”

More disturbing, said Mr. Shulman, was that about 20 percent of people on the RockYou list picked from the same, relatively small pool of 5,000 passwords.

That suggests that hackers could easily break into many accounts just by trying the most common passwords. Because of the prevalence of fast computers and speedy networks, hackers can fire off thousands of password guesses per minute.

One commenter also suggested this tool: http://www.pctools.com/guides/password/
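The coverage figure quoted above (about 20 percent of accounts drawn from a pool of 5,000 passwords) can be measured on any password list, and the same ranking yields a denylist to apply when a password is set. This is an added example, not part of the original post or the article it quotes; the sample list and all function names are constructed for illustration.

```python
from collections import Counter

# Constructed sample, one password per account (not real data).
SAMPLE = (["123456"] * 6 + ["12345"] * 4 + ["qwerty"] * 3 + ["abc123"] * 2
          + ["princess", "T7#vq9Lm!x", "blue-Kettle-42", "zR4$pWn8", "c0rrect-H0rse"])


def ranked(passwords):
    """Passwords ordered from most to least common, compared case-insensitively."""
    return Counter(p.casefold() for p in passwords).most_common()


def top_n_coverage(passwords, n):
    """Share of accounts whose password is among the n most common.

    If lockout allows n failed logins per account, this is the share of
    accounts that n guesses from the top of the list would still reach.
    """
    return sum(count for _, count in ranked(passwords)[:n]) / len(passwords)


def build_denylist(passwords, n):
    """The n most common passwords, to be refused at password-set time."""
    return {pw for pw, _ in ranked(passwords)[:n]}


def is_allowed(candidate, denylist):
    """Reject a new password if it appears on the denylist."""
    return candidate.casefold() not in denylist


if __name__ == "__main__":
    for n in (1, 3, 4):
        print(f"top {n}: {top_n_coverage(SAMPLE, n):.0%} of accounts")
    deny = build_denylist(SAMPLE, 4)
    for pw in ("QWERTY", "blue-Kettle-42"):
        print(pw, "allowed" if is_allowed(pw, deny) else "rejected")
```

Attempt limits alone leave the top of the distribution exposed, which is why the denylist check belongs alongside them.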


