16888 0 Report post Posted November 2, 2010 The recent hack of the website RockYou exposed around 32 million user passwords, which data security firm Imperva has analyzed to create a list of the worst passwords. Want to know what terms to avoid? An attack that exposed 10,000 Hotmail, MSN and Live.com passwords yielded similar findings. According to a researcher who examined the leaked data, "123456" was the most frequently used password, appearing 64 times in total. Forty-two percent of the passwords used lowercase letters from "a to z"; only 6 percent mixed alpha-numeric and other characters. Many of the top 20 passwords used were Spanish names, such as Alejandra and Alberto, suggesting that the victims were in Spanish-speaking communities. Nearly 2,000 of the passwords were only six characters long. The longest password was 30 characters -- lafaroleratropezoooooooooooooo. Share this post Link to post Share on other sites
zenia 0 Report post Posted November 2, 2010 (edited) The bad thing about a pass word is the obligation to remember the pass word. So the habit to use the keys on the keyboard that are easily touched looks very attractive to a lot of users of computers.The solution to write down the pass word is a bit dangerous. And with dangerous is ment that a written pass word has the risk to be read by somebody who is not supposed to use the pass word by the person who wrote down the password.The second bad thing about a pass word is the obligation that the pass word needs to be remembered. So people urge to use a pass word that can be remembered easily.Favorite pass words are the name of the girl friend and the wife.Names of children are favorite too.And names of pets are used a lot too.The use of other characters beside letters is more difficult than the use of letters. Because the most characters can only be typed when two keys on the key board are pushed down at the same time. This needs two different actions of the fingers. And it needs cooperated actions of t he fingers.So these characters make it more difficult for password finders to find the password.But they are more difficult for people to use.These characters are with others the ones like:: " < > ? ~!@#$%^&*()_+The advantage of these characters is that these characters make the password harder to guess and harder to find with a password finder.Another deep fall seems to be the use of the user name like a pass word too.Is there a link to this information?It looks very much like there is a website with this information.Another site of this phenomenon is that life gets harder for the modern human being. The use of a computer, surfing on the internet and the use of a bank account and a lot of other applications ask for the use of a pass word. And beside the option of writing down the pass word there is the option to remember all the used pass words.Before the invention of the computer and the discovery of the internet people needed to remember almost no pass words. So the pass words make the life of the nowadays modern human being a lot more difficult, considering it is hard to remember a pass word. Edited November 2, 2010 by zenia (see edit history) Share this post Link to post Share on other sites
Illustrious 0 Report post Posted November 5, 2010 I have been guilty of using the passwords, "password" and "qwerty" in the past. I learned my lesson . I found it ridiculous how my friend guessed my password after trying for like 15 minute straight. All my passwords contain alphabetical and numeric characters and sometimes I add a symbol if the website allows special characters ( !@#$()^&* ).In my opinion, the best passwords are case sensitive (this is where camel caps are actually pretty useful, when they appear as **** lol), contain both alphabetical/numeric characters, and are a random string of letters or numbers that are spontaneous (and to not use the same password for every single website/service that you sign up for). Share this post Link to post Share on other sites
Quatrux 4 Report post Posted November 6, 2010 I use some of those passwords for some services I don't care and especially for localhost, to test different things when creating something, why bother and use a hard password, when you can just use 123456 :)Also, as I know, another popular password is ASDF, but it seems to be not in the list. Share this post Link to post Share on other sites
Ahsaniqbalkmc 0 Report post Posted November 7, 2010 The worst thing about passwords is to remember them. Nowadays people are registered with so many websites that they even don't remember whether they were registered with the website or not. In such situation, keeping in mind all the different passwords is just impossible. A good option is to make a Excel file and keep all the password you used with specific site saved in a file so that you don't loose them. However this is not a safe way especially if your computer is open to be used by someone else. So what is the best solution. In my opinion the best solution is to use a single but tough password on all the reputed sites. For example I have one single password for Gmail, Yahoo, Facebook, Twitter, Xisto, etc. In this way all I have to do is to just bookmark the links of the pages and remembering passwords in not a problem because I have to remember only one word no matter how tough it is. Share this post Link to post Share on other sites
Quatrux 4 Report post Posted November 7, 2010 You can have that Excel file with all your password encrypted , or something like that.. Besides, in the excel file you can write not all the password, but for you to understand, for example:If you've got a password 12345678 then you can write 123456.. or 1234..8So you usually will remember the password, but somebody who will get that file, even if it's encrypted and he will be able to decrypt it, he won't do anything, if he's just a simple user, it is hard to guess the password end or center, as you don't know the string/password length. Share this post Link to post Share on other sites
Illustrious 0 Report post Posted November 7, 2010 You can have that Excel file with all your password encrypted , or something like that.. Besides, in the excel file you can write not all the password, but for you to understand, for example:If you've got a password 12345678 then you can write 123456.. or 1234..8So you usually will remember the password, but somebody who will get that file, even if it's encrypted and he will be able to decrypt it, he won't do anything, if he's just a simple user, it is hard to guess the password end or center, as you don't know the string/password length. That is a really good idea! Except for I think most people could probably figure out what 1234..8 would be . I think I might start storing my passwords on my email address since I often find myself scrambling to figure out what a password was to one of my old accounts. It frustrates me sometimes when I cannot log in to accounts I have not used in six or more months. Share this post Link to post Share on other sites
Quatrux 4 Report post Posted November 7, 2010 Well, the password 12345678 was just an example, say your real password is Ver1sMYC4t$$, so you can use Ver1sMYC.. and you'll just need to remember the end.. It's useful, if you have at least 5 passwords you use everywhere and to have the file for the services/websites you're registered to know which password you're using..Even though most of sites have implemented password remembering solutions, so it's good to just get an email, even though I wanted to remember some passwords for some services I used a lot of years ago and I didn't use that email anymore as I didn't have access to it, so noway to remember it Share this post Link to post Share on other sites
yordan 10 Report post Posted November 7, 2010 passkeeper seems to be an interesting alternative. You put it on your flashkey, it's password-protected.And it stores all your passwords.So, for each server you create a very complicated password (let's say, like Quatrux says, Ver1sMYC4t$$ for the first site and Nob0dy4rent$$ for the first site). You store these passwords inside passkeeper. Share this post Link to post Share on other sites
Illustrious 0 Report post Posted November 7, 2010 passkeeper seems to be an interesting alternative. You put it on your flashkey, it's password-protected.And it stores all your passwords.So, for each server you create a very complicated password (let's say, like Quatrux says, Ver1sMYC4t$$ for the first site and Nob0dy4rent$$ for the first site). You store these passwords inside passkeeper. I heard of programs like this for your thumb drives. It encrypts your passwords with Secure Hash Algorithm (SHA) or MD5, AES-128/256, etc. but I am not sure how safe these can be. If someone were to get their hands on the flash drive, would they be able to brute force crack the passwords? I would feel more safe if the program forced a format after a number of failed attempts (say... 20). Share this post Link to post Share on other sites
yordan 10 Report post Posted November 8, 2010 You are right, passwords on a flashdisk is not a great idea.I think that, as usual, the only info that cannot be stealed is the info that does not exist anywhere.So, keep training your memory, remember all your passwords and do not write them anywhere, in your PC nor on your flashdisk, nor on a sticker under your keyboard! Share this post Link to post Share on other sites