Internet users ditch "password" as password, upgrade to "123456"

[InfoSec News <alerts () infosecnews org>]

http://arstechnica.com/information-technology/2014/01/internet-users-ditch-password-as-password-upgrade-to-123456/

By Jon Brodkin
Ars Technica
Jan 20 2014

An annual list of the most commonly used passwords, a source of both humor 
and sadness to the human race, shows a change at the top for the first 
time in three years.

SplashData, a maker of password management software, started analyzing 
passwords leaked by hackers in 2011 and for the first two years of its 
study found that "password" was the most commonly used password, ahead of 
"123456."

The two switched places in 2013, according to the latest list released 
over the weekend. The new rankings were influenced by a hack on Adobe that 
revealed 130 million passwords protected only by reversible encryption. 
Security firm Stricture Consulting Group was able to reveal the top 100 
passwords from the Adobe hack, and "123456" came in first by a long shot. 
Stricture found 1.91 million uses of "123456" compared to 446,162 uses of 
"123456789" and 345,834 uses of "password." Only 43,497 people used the 
password for Druidia's air shield and President Skroob's luggage.

SplashData said it pulled from the Adobe list and others in making its top 
25. The rankings were "compiled from files containing millions of stolen 
passwords posted online during the previous year," SplashData said in its 
announcement. The SplashData list isn't a carbon copy of the Adobe one, 
but the Adobe influence is clear, given that SplashData's 10th-most-common 
password is "adobe123."

[...]



--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/