The Worst Passwords Of 2014

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
The list of the worst passwords of 2014 is out and it looks almost identical to 2013. That's not to say all crappy passwords were repeats, 696969, football, baseball, Batman and Superman are all new to the list. :D

"The bad news from my research is that this year's most commonly used passwords are pretty consistent with prior years,” Burnett said. “The good news is that it appears that more people are moving away from using these passwords. In 2014, the top 25 passwords represented about 2.2% of passwords exposed. While still frightening, that's the lowest percentage of people using the most common passwords I have seen in recent studies."
 
Joined
Dec 25, 2009
Messages
595
Password1
1234
1111
2222
3333

all seem to be pretty popular in my extremely low-tech construction retail environment.

good thing no one wants to hack us :D

yet...

o.o

I generally like to include my opinion of the company in my passwords.

eg: !hateGMAIL12345
!loveHARD1337
!hateATT6969

hehehe
 

sfsuphysics

[H]F Junkie
Joined
Jan 14, 2007
Messages
15,520
Could do like old school movies involving "hacking" of some sort

Password: BreakPassword
 

tunatime

Well...OK
Joined
Sep 15, 2011
Messages
5,344
i hate how now PWs need a cap a number and some need stuff like !#$ crap like that.
 

sfsuphysics

[H]F Junkie
Joined
Jan 14, 2007
Messages
15,520
Yeah that's a company's way of "security" is to make you create a password so unmemorable that you need to write it down somewhere, as opposed to protecting against brute force attacks where someone just keeps trying to guess a password.
 

Gweenz

[H]ard|Gawd
Joined
Dec 18, 2003
Messages
1,216
I use passphrases, for example "ireadhardocpeveryday". A longer password means more entropy, is easier to remember, and is near impossible to guess or crack.
 

Merc1138

2[H]4U
Joined
Sep 25, 2010
Messages
2,128
I use passphrases, for example "ireadhardocpeveryday". A longer password means more entropy, is easier to remember, and is near impossible to guess or crack.

And when the password requirements are idiotic like

"8-16 characters, must include capitol letters, numbers, and a symbol" your passphrase goes right out the window. Don't get me wrong, I like passphrases too, but there are a ton of instances where you can't use them(the max password length being so short is probably the most irritating).
 

Retronym

[H]F Junkie
Joined
Mar 5, 2007
Messages
13,608
Work's ADP time card requires periodic changes I hate.

I've made an unnecessarily graphic password so the next time I forget or get locked out I get to have HR pull it up on their computer before giving me a new one.
 

evilsofa

[H]F Junkie
Joined
Jan 1, 2007
Messages
10,078
20130624_152207-300x225.jpg
 

nilepez

[H]F Junkie
Joined
Jan 21, 2005
Messages
11,827
The list of the worst passwords of 2014 is out and it looks almost identical to 2013. That's not to say all crappy passwords were repeats, 696969, football, baseball, Batman and Superman are all new to the list. :D

Increasingly I use keepass to generate my passwords. If the site allows it, I'll use 30 or more characters with every character (including control characters).

I don't think I've ever used a qwerty or 12345 password.
 

oROEchimaru

Supreme [H]ardness
Joined
Jun 1, 2004
Messages
4,662
most companies could be hacked with:
summer14
winter14
spring14
fall2014

repeat each year. this is due to bad practices by helpdesks and users that fail to change their password. if your in helpdesk protect you users. do something like Jr01202015
change it each day to their initals upper/lower/date and make sure they change their passwords.
 

nutzo

Supreme [H]ardness
Joined
Feb 15, 2004
Messages
7,380
Oh No, my email has been hacked, how else could they have gotten hold of the email with a list of all my passwords!
 

vasta

Gawd
Joined
Sep 14, 2004
Messages
621
I remember ages and ages ago I was curious how many people with 3 and 4 character AIM screen names used the password "12345" so I generated a list of all possible 3 and 4 character names, loaded them in a bruteforce type program, setup proxies and when it was finished I had a boat load of names....kept some, did nothing with most and even sold some years later

It was about as fun as searching for names or ICQ numbers attached to dead email accounts, registering the email and requesting the password...good times...though the Russians were better at stealing ICQ numbers than I was...the bastards
 

cvinh

[H]ard|Gawd
Joined
Sep 4, 2009
Messages
2,016
That's funny, 12345 is the default password for the DVR's we sell. Most people don't even change em. Also admin seems to be common for both username and password.
 

Quix

2[H]4U
Joined
Jun 12, 2011
Messages
3,710
And when the password requirements are idiotic like

"8-16 characters, must include capitol letters, numbers, and a symbol" your passphrase goes right out the window. Don't get me wrong, I like passphrases too, but there are a ton of instances where you can't use them(the max password length being so short is probably the most irritating).

Sure you can, you just capitalize the first letter, put a period on the end and add the same number to every single one. Problem solved.
 

ccman

Limp Gawd
Joined
Jun 4, 2005
Messages
443
That's funny, 12345 is the default password for the DVR's we sell. Most people don't even change em. Also admin seems to be common for both username and password.

They have lists of the default passwords for various devices online, particularly routers.
 

pxc

Extremely [H]
Joined
Oct 22, 2000
Messages
33,064
The author posted an update, reprinted at Ars: http://arstechnica.com/security/201...mmon-password-but-heres-why-thats-misleading/

While 123456 is absolutely the most common password, that statistic is a bit misleading. Although 0.6 percent of all users on my list used it, it’s important to remember that 99.4 percent of the users on my list didn’t. What is noteworthy here is that while the top passwords are still the top passwords, the number of people using those passwords has dramatically decreased. In 2011, my analysis showed that 8.5 percent had the passwords password or 123456, but this year that number has gone down to less than one percent. This is huge.
 
Top