What’s the worst password of 2011? “password”

password

This last year has brought an increased emphasis on online security—what with the PlayStation Network breach, seemingly endless stories of services, companies, and governments losing personal data or seeing their systems compromised (Valve, Sony, and RSA all spring to mind), one might think consumers would be more careful with passwords on their email and social networking accounts, mobile devices, and even online banking. According to a report published by SpashData—makers of password management software, that’s not really true. SpashData looked at files containing “millions” of stolen passwords that were posted online by cyberattackers in the last year, and has compiled a list of the 25 most common passwords it found. At the top of the list: “password.”

“Hackers can easily break into many accounts just by repeatedly trying common passwords,” said SplashData CEO Morgan Slain, in a statement. “Even though people are encouraged to select secure, strong passwords, many people continue to choose weak, easy-to-guess ones, placing themselves at risk from fraud and identity theft.”

SpashData’s sample is admittedly biased: its list comprises the 25 most common passwords it found in lists of accounts that had been cracked—meaning accounts with more-secure passwords aren’t even in the sample set. There’s also no indication whether these accounts represent real people or simply accounts created by automation or for testing purposes: there’s no way of knowing whether guessing the password to any one of those accounts would actually have a harmful result. Nonetheless, the results seem to indicate a rather shocking naiveté from everyday Internet users.

According to SplashData, the 25 most common passwords cracked by cyberattackers are:

  • password
  • 123456
  • 12345678
  • qwerty
  • abc123
  • monkey
  • 1234567
  • letmein
  • trustno1
  • dragon
  • baseball
  • 111111
  • iloveyou
  • master
  • sunshine
  • ashley
  • bailey
  • passw0rd
  • shadow
  • 123123
  • 654321
  • superman
  • qazwsx
  • michael
  • football

One interesting entry is “passw0rd”—many people think they’re secure from dictionary attacks if they simply change out a letter for a numeral.

Security experts generally recommend a password be at least eight characters long, contain a mix of upper- and lower-case letters, numbers, and allowable punctuation. However, from a usability standpoint, those sorts of “secure” passwords are difficult for users to remember and use—meaning they often wind up on sticky notes next to a monitor or in a file or note labelled “password,” further compromising users’ security.

“If you have a password that is short or common or a word in the dictionary, it’s like leaving your door open for identity thieves,” Slain said.

Another approach is to create rather long passwords from strings of seemingly, unrelated, ordinary words: those passwords are generally easier to type and remember, although they often aren’t accepted by systems that enforce rules about password length or requiring special characters.

xckd-password-strength

[Comic via the excellent xkcd: http://xkcd.com/936/]

[Image via Shutterstock]

Social Media

A Facebook, Instagram bug exposed millions of passwords to its employees

Facebook, Facebook Lite, and Instagram passwords weren't properly encrypted and could be viewed by employees, the company said Thursday. The network estimates millions of users were affected.
Mobile

Flex your thumbs (and your brain) with these fun texting games

Gaming consoles keep getting more advanced, but you can still have fun with the good old Latin alphabet. Here are our picks for the best texting games, so you can make the most fun out of that limited data plan or basic cell phone.
Computing

Secure your Excel documents with a password by following these quick steps

Excel documents are used by people and businesses all over the world. Given how often they contain sensitive information, it makes sense to keep them from the wrong eyes. Thankfully, it's easy to secure them with a password.
Computing

How to change your Gmail password in just a few quick steps

Regularly updating your passwords is a good way to stay secure online, but each site and service has their own way of doing it. Here's a quick guide on how to change your Gmail password in a few short steps.
Computing

Get the most out of your high-resolution display by tweaking its DPI scaling

Windows 10 has gotten much better than earlier versions at supporting today's high-resolution displays. If you want to get the best out of your monitor, then check out our guide on how to adjust high-DPI scaling in Windows 10.
Mobile

Got gadgets galore? Keep them charged up with the 10 best USB-C cables

We're glad to see that USB-C is quickly becoming the norm. That's why we've rounded up some of the better USB-C cables on the market, whether you're looking to charge or sync your smartphone. We've got USB-C to USB-C and USB-C to USB-A.
Deals

Looking for a Chromebook? The Google PixelBook just got a $200 price cut

Once relatively obscure, Chromebooks have come into their own in a big way in recent years. One of our favorites is the super-sleek Google Pixelbook, and it's on sale right now from Amazon for $200 off, letting you score this premium laptop…
Computing

Nvidia’s GTX 1650 graphics card could be just a slight upgrade over the 1050 Ti

Rumors suggest Nvidia might soon launch the GTX 1650, and a leaked benchmark listing from Final Fantasy XV suggests that the new graphics card could be just a slight upgrade over last generation's GTX 1050 Ti. 
Computing

Get ready to say goodbye to some IFTTT support in Gmail by March 31

If This Then That, the popular automation service, will drop some of its support for Gmail by March 31. The decision comes as a response to security concerns and is aimed to protect user data.
Computing

Get the new Dell XPS 13 for $750 with this limited-time deal

Dell is currently running a limited time deal lasting through Thursday, March 28, where you can bring home a version of this year's new XPS 13 for around $750 with the use of a special coupon code. 
Mobile

This is the easiest way to save your iPhone data to your computer

Living in fear of losing your contacts, photos, messages, and notes on your iPhone? Fear no more -- in this guide, we'll break down exactly how to back up your iPhone to your computer using Apple's iTunes or to the cloud with iCloud.
Mobile

Here are the best iPad Pro keyboard cases to pick up with your new tablet

The iPad Pro range can double as laptops, but they do need proper keyboards to fill in effectively. Thankfully, there are loads to choose from and we rounded up the best iPad Pro keyboard cases right here.
Computing

Microsoft’s Clippy came back from the dead, but didn’t last very long

Before Cortana, Alexa, and Siri even existed, Microsoft Clippy dominated the screens of computers in the 1990s to help assist Microsoft Office users when writing letters. He recently made a bit of a comeback only to die off again.
Computing

Nvidia faces attacks from AMD, Intel, and even Google. Should it be worried?

Nvidia announced an expanded array of RTX server solutions designed to leverage the power of ray-tracing at GTC 2019. The effort will help Nvidia take on Google's Stadia in game streaming with GeForce Now, and the company's investments in…