Science & Technology
'Password' No Longer the Internet's Worst Password
2014-01-23
[An Nahar] The number sequence "123456" has overtaken "password" as the most common worst password among Internet users, an online security firm says.

Releasing its annual Worst Passwords list, SplashData said it was the first time "password" had lost its number-one position, changing places with its numerical rival.

In third place was "12345678," unchanged from 2012, while "qwerty" and "abc123" came in fourth and fifth -- and "iloveyou" climbed two spots to number nine.

Swinging the results, SplashData said, was a major security breach involving Adobe software that laid bare the widespread use of weak passwords among users of such Adobe products as Photoshop.

"Seeing passwords like 'adobe123' and 'photoshop' on this list (for the first time) offers a good reminder not to base your password on the name of the website or application you are accessing," said SplashData chief executive Morgan Slain, whose company markets password management apps.

Like other password experts, SplashData encouraged Internet users to opt for "passphrases" -- a bunch of random words, numbers and characters, like "smiles_like_skip?" -- that are easy to remember, but harder for online scam artists to crack.
Posted by: Fred

#19  Lastpass. It works, and is "safe enough" for general use. Good crypto, and protocol is fairly good. Secure mobile client. And you can use 2 factor with it.
Posted by: OldSpook   2014-01-23 20:10  

#18  Way Older Users of Either Sex
FirstLineOfBibleVerseCitation

(this isn't all that unsecure, especially with a really obscure or incorrect reference)

And remember to use l33t to show your cool!
And do leave it on a sticky note, or several and make sure I know where they are. This is actually how I suspect Snowden got access. Social hacking is the easiest kind.

Posted by: Shipman   2014-01-23 17:05  

#17  Then there is the old "I'll make it the same as my userid - nobody would ever try that!"
Posted by: CrazyFool   2014-01-23 17:04  

#16  Purely anecdotal but I have had to see a lot of them, frankly (can I say that) so I can check their typing. Also they send me requests.... oh lord they send me requests but itn hard.

Married Wymens
HusbandFirstNameYearofMarriage
ChildrensFirstNameYearofBirth
MaidenNameYearofBirth

Unmarried Wymens
NickNamesTheyHaveForThemselvesYearofBirth
PetNameYearofBirth

Unmarried Menz
NickNamesTheyThinkTheyOutToHaveYearOfBIrth
NickNamesTheyDoHaveYearOfFirstSex
YearModelOfFirstCarDate
FirstDawgYearofBirth
FirstDawgYearofDeath


Married Menz
See Above little change
Posted by: Shipman   2014-01-23 17:02  

#15  I tell users to write their passwords on a piece of paper if they can't remember them but keep the piece of paper in a locked drawer.

One of my pet peeves is the way Internet Explorer will "remember" your password for you. But then, if you get a new computer or have to reinstall or upgrade to a newer version of Windows, IE "forgets". Then, if you forgot too, you're screwed.
Posted by: Ebbang Uluque6305   2014-01-23 16:27  

#14  So, they found out all these passwords...how? - Ed in Texas

Just guessing but I think the No Such Agentcy, runs a pool, kind a like a Superbowl, which is payable every Monday, for the easiest to break password and the results were leaked to the press recently. You are reading the leak.

Posted by: Don Vito Matzarrella   2014-01-23 11:16  

#13  Safeboot has (or had) something like that. After I think 3 failures it delays for 1 minute and doubles after each consecutive failure after that. 1, 2, 4, 8, 16, 32, etc...

Very effective.
Posted by: CrazyFool   2014-01-23 11:05  

#12  Not to be confused with the passwords on the sticky notes affixed on the computer.

Which is good fun until the kids throw them away on trash day, and it isn't noticed until after breakfast the next day.
Posted by: swksvolFF   2014-01-23 11:05  

#11  You don't need long, complicated passwords for security; you just need to have a waiting period before subsequent attempts are accepted. Three tries in a minute, then you have to wait an hour, miss three more times, wait a day, miss three more times, wait a month, etc. Four random digits should suffice.
Posted by: Glenmore   2014-01-23 09:45  
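
The delay schedule described in comments #13 and #11, sketched as an added Python example; it is not code from the article, from Safeboot, or from any commenter. The 24-hour cap and the names `delay_after`, `LoginThrottle` and `seconds_to_exhaust` are assumptions made for illustration.

```python
from dataclasses import dataclass

FREE_ATTEMPTS = 3        # failures before the first delay (per comment #13)
BASE_DELAY_S = 60        # first delay is 1 minute, then 2, 4, 8, ...
MAX_DELAY_S = 24 * 3600  # assumption: cap so the delay cannot grow without bound


def delay_after(failures: int) -> int:
    """Seconds of lockout imposed after the Nth consecutive failure."""
    if failures < FREE_ATTEMPTS:
        return 0
    return min(BASE_DELAY_S * 2 ** (failures - FREE_ATTEMPTS), MAX_DELAY_S)


@dataclass
class LoginThrottle:
    """Per-account state: consecutive failures and the end of the lockout."""
    failures: int = 0
    locked_until: float = 0.0

    def attempt(self, now: float, password_ok: bool) -> str:
        if now < self.locked_until:
            # Rejected without evaluating the password, so guesses made
            # during the lockout window give the guesser no information.
            return "locked"
        if password_ok:
            self.failures = 0
            self.locked_until = 0.0
            return "ok"
        self.failures += 1
        self.locked_until = now + delay_after(self.failures)
        return "failed"


def seconds_to_exhaust(keyspace: int) -> int:
    """Total enforced waiting needed to try every value against one account."""
    # A delay follows each failed guess except the last one tried.
    return sum(delay_after(n) for n in range(1, keyspace))


if __name__ == "__main__":
    years = seconds_to_exhaust(10_000) / (365 * 24 * 3600)
    print(f"4-digit keyspace, worst case: {years:.1f} years of enforced waiting")
```

The throttle only governs online guesses against a single account; it has no effect once password data has been copied out of the system, as in the Adobe breach the article mentions.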

#10  xkcd provides a smart tutorial on passwords here.
Posted by: Steve White   2014-01-23 08:41  

#9  Clearly, the folks making up the complex requirements for passwords are bucking for government jobs - they are so much smarter than the rest of us.
Posted by: Bobby   2014-01-23 08:40  

#8  The admin password policy I know of is that it has to be at least 15 characters, contain no common words, have so many digits (which cannot begin or end the password) and so many special characters.

Such a policy guarantees that the password will be written down somewhere easy to reference - like a whiteboard.

So if you see what appears to be line noise written on the whiteboard - you'll know it's a password.
Posted by: CrazyFool   2014-01-23 08:34  

#7  Once more into the breach.....

P2K, back in the early '80s I worked for a large computer company. Sys admin gurus decided that every password would be reset to a random 10 character string every week.....sale of post it notes soared.
Posted by: AlanC   2014-01-23 08:14  

#6  TESTING...

Just submitted a comment and it didn't post.

Did you use the proper password?
Posted by: AlanC   2014-01-23 08:11  

#5  Not to be confused with the passwords on the sticky notes affixed on the computer.
Posted by: Procopius2k   2014-01-23 07:52  

#4  So, they found out all these passwords...how?
By cracking them? Had a password contest down at the mall?
(I'm just sayin'...)
Posted by: ed in texas   2014-01-23 07:14  

#3  
Posted by: OldSpook   2014-01-23 02:19  

#2  That's the kind of thing an idiot would have on his luggage.
Posted by: OldSpook   2014-01-23 02:17  

#1  So this means it's OK to use 'password' again?
Posted by: SteveS   2014-01-23 01:51  
