People using terrible passwords on the Internet is just a fact of life. Right now, out of laziness, ignorance, or a combination of the two, someone has decided that choosing the password "password" is the ideal way to stay secure online.
You'd think that given the extreme need for privacy on affair dating site Ashley Madison, its users would pick passwords slightly more difficult to crack. But alas, the list of the site's most commonly used passwords includes terrible, hilariously weak passwords.
The passwords were compiled by CynoSure Prime. In total, 11,716,208 passwords were discovered, and the most common ones are as sad as they are funny. The most popular password by far (again, on a website for people trying to secretly cheat on their spouse), was "123456," followed by "12345," "password," "default," and "123456789."
Going down the list you'll see plenty more obvious, generic, easy-to-guess passwords like "football," "superman," and "ashleymadison." Of course, there's also no shortage of racy, NSFW passwords, considering the purpose of the site. And who wouldn't love to log in with a password like "WhatTheHellAmIdoing" or "IThinkILoveMyWife?"
CynoSure Prime also notes that many of the worst passwords came from suspicious accounts. Not every user on Ashley Madison is necessarily a real person, and it makes no difference to a bot whether or not their account gets hacked.
That's why you also shouldn't assume that just because a person's email was found in the database that they actually used the site. Their data might have been stolen by thieves and blackmailers.
Beyond continuing the schadenfreude of the Ashley Madison debacle, this is further proof of the importance of strong passwords, which to be fair many users did have. Not that we'd encourage you to use a site like Ashley Madison, but if you did, you should probably make your password as hard to guess as possible. The best way to do that isn't to craft some super-secret phrase only you can remember, because hackers shouldn't be underestimated, but rather create a totally randomized password using a password manager. Also, two-factor authentication is a must.
Source: pcmag.com
0 comments:
Post a Comment