January 23, 2010 by pcl ·
PHREAK: Alright, what are the three most commonly used passwords?
JOEY: love, secret, and uh, sex. But not in that order, necessarily, right?
CEREAL: Yeah but don’t forget GOD. System operators love to use GOD. It’s that whole male ego thing.
Analyses of various password leaks:
I think it is interesting that as bad as the passwords in Hackers seem, the passwords people actually use are somehow even worse. Where it’s allowed, 123456 always takes the number one spot, usually by a huge margin; in the RockYou leak, 123456 was used 4x more than its closest competitor (12345). When purely numeric password are forbidden, password is the clear winner, and continues to take the number one spot as requirements are added.
Require a capital letter? Password
The top three I’d try, without knowing the requirements:
January 22, 2010 by pcl ·
All of the recent stories about high-profile sites storing passwords in plain text makes me feel a little bad for picking on people using unsalted MD5 hashes. At least they tried!