Investigation of 32 million breached passwords reveals old tendencies

Imperva security experts analyzed 32 million passwords cracked in Rockyou.com incident. The results of the study are not surprising: people still don’t care about their security enough to come up with strong passwords. Researchers have even compared the results to Unix password study done back in 1990; the variety of passwords remained almost the same.

The problem with weak password is that it breaks easily against automated cyber attacks. This type of attack tries all the most common dictionary words and most common passwords one by one. Since large group of people uses the same easy to remember passwords such as ‘123456’ or ‘password’, it doesn’t take much effort to break into an account even when the attack is manual. The automated attack which is much more common makes things even simpler. According to security experts, in the Rockyou.com case a hacker could gain access to one new account every second due to simplicity of passwords.

Security researchers insist on using difficult to guess passwords. You might be careless about losing your email account but many people use the same password for several accounts and losing the one password brings lots of information in jeopardy. And even more trouble is around when the same password is used in workplace.

The most commonly used passwords:
1. 123456
2. 12345
3. 123456789
4. Password
5. iloveyou
6. princess
7. rockyou
8. 1234567
9. 12345678
10. abc123
11. Nicole
12. Daniel
13. babygirl
14. monkey
15. Jessica
16. Lovely
17. michael
18. Ashley
19. 654321
20. Qwerty

Read the full study report .

More Online security news

Source Code is Stolen By Hackers

George Kurtz, McAfee's chief technology officer, announced about the attack against software configuration management products. According to security vendor McAfee, which released a report, in some of these attacks software source code was accessed by hackers. These attacks were targeted to company engineers and technical staff. It was done by malicious software. According to Kurtz, source code management systems were accessed and code was downloaded outside of company firewalls. Read more.

• Mariposa Botnet is Closed and Attackers Are Arrested
• Microsoft's Final Battle Against Waledac Spam Bot
• China Posted Regulations
• Facebook Gold Account Scam
• The .ru Equivalent for .cn Domain
• 'Kneber' Botnet Attacks Computers Across the World
• Comodo Dragon Browser's Appearance
• Be More Careful on Facebook
• StopBadware Becomes Nonprofit and Independent
• Macs are still relatively safe

News categories

• Malware
• Spam and email
• Phishing
• Mobile security
• Vulnerabilities
• Security software
• Online security
• Security basics

Latest news

• New iPad Attracts Spammers
• How to Create a Secure Password?
• A Bug Found in OpenSSL
• Source Code is Stolen By Hackers
• Google Engineer Disclosed Window's DEP Flaw
• Top 15 Most Abused TLDs in February 2010
• Mariposa Botnet is Closed and Attackers Are Arrested
• Be Careful With F1!
• Fake Virus Total
• Recently Used Spam Categories

Antispyware Software

• • Download Spyware Doctor
    
• • Download VIPRE Antivirus + Antispyware
    
• • Download Trend Micro AntiVirus plus AntiSpyware
    
• • Download Spy Sweeper
    

Subscribe