BlackBerry’s blacklist: 106 passwords you can't use

[InfoSec News <alerts () infosecnews org>]

http://gcn.com/blogs/cybereye/2012/12/blackberry-blacklist-106-passwords-you-cant-use.aspx

By William Jackson
Cybereye
GCN.com
Dec 07, 2012

Research In Motion’s long-awaited new mobile OS, the BlackBerry 10, 
contains a blacklist of 106 verboten passwords that users will not be 
able to use to secure access to their devices, researchers have found.

The new OS is expected to be released Jan. 30 and is part of a major 
effort by RIM to regain some of the government market share it has lost 
in the face of growing competition from Apple and Android.

The blacklist is a small but clever feature in a device that clearly is 
focusing on security for its enterprise users. It features strong AES 
256-bit encryption that already is FIPS 140-2 certified, it allows 
segregated work and personal user profiles, and the browser includes a 
read-only mode that strips possible executables from the display.

The forbidden passwords include the obvious — “123456” and “abcdef,” 
“password” and “qwerty” — as well as some less obvious — “trustno1” and 
“zapata.” For the tipplers there is “miller” and “molson” (RIM is 
Canadian, after all). Some of the residents of Pooh Corner show up, 
including “eeyore,” “piglet,” “poohbear” and “tigger.” There are 
wizards, a few obscene suggestions, and I’m ashamed to say that one of 
my favorite passwords also is included. (I’m not telling you which one.)

[...]

______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org