Let’s Hope Your Password Is Not On This List

The average person has quite a bit to memorize just to get through a normal day: ATM PINs, voice mail access codes, coupon codes, bicycle lock combinations, student/work ID numbers, phone numbers, sometimes even a PIN just to turn your phone on… You get the idea. But what do people sacrifice just to lighten the memory load? Most often, it’s work passwords.

So when the systems administrator at work gives employees yet another default username and default password, the odds are that they will rarely be changed. Default usernames/passwords are usually something easy to remember like changeme.

Easy to remember, easy to guess.

I came across some password statistics recently from the ‘Security Basics’ mailing list. The most frequently used passwords were – let’s just say, lacking in creativity. The number one password used – 123456.

The statistics were based on a ‘username password’ file of 88,900 entries and here are the results:

123456 password passwd
test test123 admin
root qwerty 12345
123 $changeme$ administrator
1q2w3e 1234 changeme
abc123 abcd1234 asdfgh
12345678 router guest
sysadmin server user
setup newpass gov
123456789 linux condo
backup admin123

The human mind can juggle a maximum of 3 to 4 items at a time. And considering most people have an average of 25 online accounts, 123456 is an easy password solution to a long workday.

But now let me tell you exactly where these statistics on 88,900 entries came from. A member of the ‘Security Basics’ mailing list posted them, saying:

“I recently had the opportunity to analyze a ‘username password’ file used by an SSH brute force program found on a hacked system.”

Unfortunately, poor password habits don’t stop when you leave the office. If your password is on the above list, there is a chance you are taking your work habits home with you too. Do these passwords look familiar? If so, it’s a good idea to change your passwords both at work and at home!
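For administrators, the list above can be turned into a check at password-change time. The following is an added example, not code from the mailing list post: it tallies a 'username password' file the way the statistics were produced and refuses any new password that is on the list, is a trivial variant of a listed one, or matches the username. The sample file and the function names are constructed for illustration.

```python
import string
from collections import Counter

# Passwords listed in the post above.
LISTED = frozenset("""
123456 password passwd test test123 admin root qwerty 12345 123 $changeme$
administrator 1q2w3e 1234 changeme abc123 abcd1234 asdfgh 12345678 router
guest sysadmin server user setup newpass gov 123456789 linux condo backup
admin123
""".split())

# Constructed sample in 'username password' format (not data from the post).
SAMPLE = """\
root 123456
admin admin
test test123
nagios 123456
oracle oracle
backup Backup!
www S7r&kq-Wm2x
malformed
"""

def parse_pairs(text):
    """Yield (username, password); skip lines lacking both fields."""
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2:
            yield parts[0], parts[1].strip()

def top_passwords(text, n=5):
    """Most frequent passwords in the file, as (password, count) pairs."""
    return Counter(pw for _, pw in parse_pairs(text)).most_common(n)

def reject_reason(username, candidate):
    """Why a proposed password should be refused, or None if it passes."""
    folded = candidate.casefold()
    core = folded.strip(string.punctuation)  # "Backup!" -> "backup"
    if folded in LISTED or core in LISTED:
        return "on the brute-force list"
    if core == username.casefold():
        return "same as username"
    return None

if __name__ == "__main__":
    print(top_passwords(SAMPLE, 3))
    for user, pw in parse_pairs(SAMPLE):
        print(user, "->", reject_reason(user, pw) or "ok")
```

Passing this check only means a password is not one of the listed guesses or a close variant of one.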
