Still using your cat’s name for your password? Failing to use an iron-clad password on your important online accounts is not only asking for trouble, it also makes it easy for cybercriminals to perpetrate online crime. An eye-opener was a recent analysis of 32 million passwords that were breached.
Data security firm Imperva highlights consumer susceptibility to cyber attack in a study analyzing 32 million passwords recently exposed in the Rockyou.com breach.
Imperva’s Application Defense Center (ADC) analyzed the strength of those passwords in a report, Consumer Password Worst Practices, to help consumers and website administrators identify the most commonly used passwords they should avoid when using social networking or e-commerce sites.
The report identifies the most commonly used passwords:
- 123456
- 12345
- 123456789
- Password
- iloveyou
- princess
- rockyou
- 1234567
- 12345678
- abc123
Imperva’s CTO Amichai Shulman explained:
Everyone needs to understand what the combination of poor passwords means in today’s world of automated cyber attacks: with only minimal effort, a hacker can gain access to one new account every second — or 1000 accounts every 17 minutes … The data provides a unique glimpse into the way that users select passwords and an opportunity to evaluate the true strength of passwords as a security mechanism. Never before has there been such a high volume of real-world passwords to examine.
Some key findings of the study:
The shortness and simplicity of passwords means many users select credentials that will make them susceptible to basic forms of cyber attacks known as ‘brute force attacks.’
Nearly 50% of users used names, slang words, dictionary words or trivial passwords (consecutive digits, adjacent keyboard keys, and so on). The most common password is ‘123456’.
For enterprises, password insecurity can have serious consequences.
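As an added illustration (not part of Imperva’s report or the original post), here is one way a website administrator could screen new passwords against the report’s top-ten list and the trivial patterns it describes, written in Python. The minimum length, the keyboard rows and the leet substitution table are assumptions; a check for names and dictionary words would also need a word list, which is not included here.

```python
# Added example: screens a candidate password against the weak patterns the
# report describes. MIN_LENGTH, SEQUENCES and UNLEET are assumptions.
import string

# The ten most common passwords listed in the report above (lowercased).
TOP_PASSWORDS = {
    "123456", "12345", "123456789", "password", "iloveyou",
    "princess", "rockyou", "1234567", "12345678", "abc123",
}
# Rows used to spot consecutive digits/letters and adjacent keys (US QWERTY assumed).
SEQUENCES = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm",
             string.ascii_lowercase]
# Common "leet" substitutions, reversed so "p4ssw0rd" is compared as "password".
UNLEET = str.maketrans("0134579@$!", "oieastgasi")
MIN_LENGTH = 12  # assumed policy value, not taken from the report


def is_sequence(pw: str) -> bool:
    """True if pw is a single run along one row, forwards or backwards."""
    return len(pw) >= 3 and any(pw in row or pw[::-1] in row for row in SEQUENCES)


def weaknesses(password: str) -> list[str]:
    """Return the reasons a password should be rejected (empty list = passes)."""
    pw = password.lower()
    reasons = []
    if len(pw) < MIN_LENGTH:
        reasons.append("too short")
    if pw in TOP_PASSWORDS or pw.translate(UNLEET) in TOP_PASSWORDS:
        reasons.append("common password")
    if is_sequence(pw):
        reasons.append("keyboard or digit sequence")
    if len(set(pw)) <= 2:
        reasons.append("repeated characters")
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs, for demonstration only.
    for candidate in ["123456", "P4ssw0rd", "qwertyuiop", "kV7#qLz2!mWp9x"]:
        print(f"{candidate!r}: {weaknesses(candidate) or 'ok'}")
```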
Generate iron-clad passwords, quickly and easily:
Bookmark: GoodPassword.com. The free, nonprofit web site uses 100 pseudo-random number generators (PRNGs) to generate passwords. Each PRNG is assigned to a user by the last 2 digits of their IP address. GoodPassword.com created the web site to educate internet users on the importance of choosing good passwords that are random, long and selected from a large character set. Over the development of the site, they experimented with new techniques and methods of password creation.
Utilize this web page to generate nearly unbreakable passwords quickly and easily. I have spent some time there and have generated a ‘collection’ of good, random passwords for future use. With the collection kept in a safe place on your computer, you can more easily get into a routine of changing those passwords on a regular basis. The passwords for your most important sites, like ecommerce sites, email, Amazon, Facebook, Twitter, and your blog, should be changed monthly.
You can also generate a “leet” password based on a phrase, such as this one, based on a popular song lyric:

Warning! All passwords are only as secure as the phrase selected. Create an uncommon phrase that only you know about. “5 O’clock somewhere” is NOT a good choice.
Imperva’s Shulman explained further, referring to a 1990 Unix password study that showed a password selection pattern similar to what consumers select today:
Employees using the same passwords on Facebook that they use in the workplace bring the possibility of compromising enterprise systems with insecure passwords, especially if they are using easy to crack passwords like ‘123456’. … The problem has changed very little over the past 20 years … It’s time for everyone to take password security seriously; it’s an important first step in data security.
www.goodpassword.com
Imperva’s Free Report (Requires registration)
Imperva webinar detailing the study’s findings. To register sign up here
About “Leet” alphabet
Thanks for reading…






