The Worst Passwords Of 2014

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
The list of the worst passwords of 2014 is out and it looks almost identical to 2013. That's not to say all crappy passwords were repeats, 696969, football, baseball, Batman and Superman are all new to the list. :D

"The bad news from my research is that this year's most commonly used passwords are pretty consistent with prior years,” Burnett said. “The good news is that it appears that more people are moving away from using these passwords. In 2014, the top 25 passwords represented about 2.2% of passwords exposed. While still frightening, that's the lowest percentage of people using the most common passwords I have seen in recent studies."
Click to expand...
 
Password1
1234
1111
2222
3333

all seem to be pretty popular in my extremely low-tech construction retail environment.

good thing no one wants to hack us :D

yet...

o.o

I generally like to include my opinion of the company in my passwords.

eg: !hateGMAIL12345
!loveHARD1337
!hateATT6969

hehehe
 
Could do like old school movies involving "hacking" of some sort

Password: BreakPassword
 
i hate how now PWs need a cap a number and some need stuff like !#$ crap like that.
 
Yeah that's a company's way of "security" is to make you create a password so unmemorable that you need to write it down somewhere, as opposed to protecting against brute force attacks where someone just keeps trying to guess a password.
 
I use passphrases, for example "ireadhardocpeveryday". A longer password means more entropy, is easier to remember, and is near impossible to guess or crack.
 
Gweenz said:
I use passphrases, for example "ireadhardocpeveryday". A longer password means more entropy, is easier to remember, and is near impossible to guess or crack.
Click to expand...

And when the password requirements are idiotic like

"8-16 characters, must include capitol letters, numbers, and a symbol" your passphrase goes right out the window. Don't get me wrong, I like passphrases too, but there are a ton of instances where you can't use them(the max password length being so short is probably the most irritating).
 
Work's ADP time card requires periodic changes I hate.

I've made an unnecessarily graphic password so the next time I forget or get locked out I get to have HR pull it up on their computer before giving me a new one.
 
20130624_152207-300x225.jpg
 
Steve said:
The list of the worst passwords of 2014 is out and it looks almost identical to 2013. That's not to say all crappy passwords were repeats, 696969, football, baseball, Batman and Superman are all new to the list. :D
Click to expand...

Increasingly I use keepass to generate my passwords. If the site allows it, I'll use 30 or more characters with every character (including control characters).

I don't think I've ever used a qwerty or 12345 password.
 
most companies could be hacked with:
summer14
winter14
spring14
fall2014

repeat each year. this is due to bad practices by helpdesks and users that fail to change their password. if your in helpdesk protect you users. do something like Jr01202015
change it each day to their initals upper/lower/date and make sure they change their passwords.
 
Oh No, my email has been hacked, how else could they have gotten hold of the email with a list of all my passwords!
 
I remember ages and ages ago I was curious how many people with 3 and 4 character AIM screen names used the password "12345" so I generated a list of all possible 3 and 4 character names, loaded them in a bruteforce type program, setup proxies and when it was finished I had a boat load of names....kept some, did nothing with most and even sold some years later

It was about as fun as searching for names or ICQ numbers attached to dead email accounts, registering the email and requesting the password...good times...though the Russians were better at stealing ICQ numbers than I was...the bastards
 
That's funny, 12345 is the default password for the DVR's we sell. Most people don't even change em. Also admin seems to be common for both username and password.
 
Merc1138 said:
And when the password requirements are idiotic like

"8-16 characters, must include capitol letters, numbers, and a symbol" your passphrase goes right out the window. Don't get me wrong, I like passphrases too, but there are a ton of instances where you can't use them(the max password length being so short is probably the most irritating).
Click to expand...

Sure you can, you just capitalize the first letter, put a period on the end and add the same number to every single one. Problem solved.
 
cvinh said:
That's funny, 12345 is the default password for the DVR's we sell. Most people don't even change em. Also admin seems to be common for both username and password.
Click to expand...

They have lists of the default passwords for various devices online, particularly routers.
 
The author posted an update, reprinted at Ars: http://arstechnica.com/security/201...mmon-password-but-heres-why-thats-misleading/

While 123456 is absolutely the most common password, that statistic is a bit misleading. Although 0.6 percent of all users on my list used it, it’s important to remember that 99.4 percent of the users on my list didn’t. What is noteworthy here is that while the top passwords are still the top passwords, the number of people using those passwords has dramatically decreased. In 2011, my analysis showed that 8.5 percent had the passwords password or 123456, but this year that number has gone down to less than one percent. This is huge.
Click to expand...
 
You must log in or register to reply here.
Back
Top