Simple passwords are still being used
January 7, 2013 1 Comment
According to a report, an estimated one billion hacking attempts were made in 2012. The most commonly hacked password found was “password” followed by “123456″. Also included were “letmein” and “ABC123″. Also commonly used are simple names such as a [common] street name or the name of a pet.
Security experts say many use the same [weak] password for multiple sites and accounts.
The Ontario Privacy Commissioner, Ann Cavoukian, suggested combining two words from two different languages and gave the dumbest example of “tablemesa” [part English and part Spanish]. Anyone see the problem here? Here is a few issues with the example:
- no special characters
- no numbers
- not mixed case
- composed of two words that are probably used in a dictionary for brute force attack
- possibly a bit short
2012 was a bad year for hacking. Career social network LinkedIn and dating site eHarmony both reported stolen passwords. In many cases, individuals used the same password on multiple sites
In some cases, the same password was used for mail servers. So then the hackers sold the password or used them to send out spam, malware or other stuff that were sent to others in the hacked account’s contacts.
In some cases, hackers will destroy everything in the account such as years of Emails, documents and pictures. If on a social network site they could wipe out the history or post some nasty information.
Changing passwords may be too late. The best thing to do is close down the accounts and open up new accounts – hopefully with difficult passwords.
There are a number of free or open source software to keep track of all the accounts and their passwords. Among them are Keypass, LastPass, Password Corral. If the passwords are kept locally, most of them should have some type of encryption on the actual database. You will need a password to see the passwords inside. Some allow you to copy the database to other computers or maybe multiple platforms.