Monday, November 11, 2013

The Dangers of Useless Passwords

Despite the endless warnings, despite all the advice, despite the plethora of useful articles on the seriousness of passwords, it seems computer users everywhere just can’t help creating really useless passwords. Analysis of user passwords gathered from a recent Adobe attack reveal a Top 20 list full of easy-to-remember but equally easy-to-guess passwords, with “123456” topping the list.


The Adobe hack affected 38 million accounts, yes that's 38 million. The security breach actually hit more than 150 million accounts, though most are no longer used.

Adobe has changed the passwords on affected accounts and contacted users to let them know how to reset their account with a personally chosen password. It also instructed users to change their passwords on any other website where they may have used the same user ID and password as their Adobe account.

Now some of the stolen data has started to show up across the web, with Internet security researcher Jeremi Gosney uncovering a mass of passwords, despite the US software giant saying they were protected by encryption. However, an Adobe spokesperson said last week that up to now there have been no reports of suspicious activity on user accounts affected by the security breach.

Now that you know “123456” topped the list of 1.9 million passwords, perhaps you can guess what came in at number 2…..“123456789”. Number 3 will be enough to make any Web security advisor consider giving up the day job in despair: “password”.

Here are the rest of the top 20 most popular passwords gathered from the Adobe hack: adobe123 / 12345678 / qwerty / 1234567 / 111111 / photoshop / 123123 / 1234567890 / 000000 / abc123 / 1234 / adobe1 / macromedia / azerty / iloveyou / aaaaaa / 654321.

The thing is, if someone uses a number like “123456” for their password on one site, it’s a safe bet they use the same number on all the websites for which they have accounts, unless, of course, you keep all your passwords in a big red notebook with “MY PASSWORDS” written on the front. And those who have “adobe123″ as their password no doubt also use “facebook123”, “twitter123”….so you get the idea. Useless passwords only place your security in real jeopardy.

If you are curious and would like to check out the top 100 used passwords on Adobe click here.

Today you should use a password manager like LastPass to manage your accounts. There are many other programs and services that you can use to manage your passwords as well. Otherwise if you  use useless passwords (say that 10 times fast) you are really taking a security risk with your personal information.

No comments:

Post a Comment