Batu69 Posted January 20, 2016

When it comes to the password selection process, you are usually only restrained by the limitations imposed on you by the service you are creating an account for.

Some may have very strict but insecure rules, like enforcing 4-digit passwords only, while others may only limit the lower character limit (six or more), upper character limit (no more than 12), and a third kind may require that you pick at least a special character and a number.

Most password selection rules are not designed to enforce the use of secure passwords, but to make the password selection process convenient for the user to avoid users leaving in frustration if their password selections are rejected for being too insecure, and to avoid servers being hammered with password reset requests.

Bad Passwords

SplashData released its annual "worst passwords list" yesterday highlighting the "most commonly used passwords". It compiles the list from passwords leaked during the year, which means that the passwords could have been created earlier and not necessarily in 2015.

Without further ado, here it is.

- 123456
- password
- 12345678
- qwerty
- 12345
- 123456789
- football
- 1234
- 1234567
- baseball
- welcome (new)
- 1234567890 (new)
- abc123
- 111111
- 1qaz2wsx (new)
- dragon
- master
- monkey
- letmein
- login (new)
- princess (new)
- qwertyuiop (new)
- solo (new)
- passw0rd (new)
- starwars (new)

As you can see from the listing, most of the selected passwords are as basic as they can get as they are either basic words, numbers, or use a combination of characters that are easily detectable as a pattern on the keyboard.

The main issue here is not only that these passwords are insecure, but also that they are found in nearly any brute forcing dictionary out there. In fact, most of these passwords were in dictionary files twenty years ago.

The new entries to the list are as insecure as the old ones. All have in common that they are easy to type, but that is the only benefit as they leave the account wide open for attackers.

Better passwords

Probably the best advice that one can give to Internet users who select weak passwords is to start using a password manager that assists them in selecting secure unique passwords for every Internet service and application they use.

If that is out of the question, the following policies should be followed:

- Use a lot of characters (12 at least, better a lot more).
- Mix letters, numbers, upper- and lowercase, special characters.
- Don't pick dictionary words (football) or pop culture (Star Wars), and don't substitute common characters with each other (e.g. o and 0, e and 3, l and 1).
- Use unique passwords.

Article source
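The first three rules in the post above can be checked mechanically. The following is an added example, not part of the original post or the linked article: it tests a candidate for length, character mix, and any listed password hidden behind the o/0, e/3, l/1 substitutions. The function names and reason strings are assumptions, and uniqueness cannot be judged from a single password, so it is not checked.

```python
import re

# The 25 entries quoted in the post above, used as a small deny-list.
# Assumption: a real check would load a far larger wordlist from a file.
WORST_2015 = """123456 password 12345678 qwerty 12345 123456789 football
1234 1234567 baseball welcome 1234567890 abc123 111111 1qaz2wsx dragon
master monkey letmein login princess qwertyuiop solo passw0rd starwars""".split()

# The substitutions the post names (o/0, e/3, l/1), folded to one form.
FOLD = str.maketrans("031", "oel")
CLASSES = {"lowercase": r"[a-z]", "uppercase": r"[A-Z]",
           "digit": r"[0-9]", "special": r"[^A-Za-z0-9]"}


def fold(text):
    """Lowercase the text and undo the look-alike substitutions."""
    return text.lower().translate(FOLD)


def check_password(pw, denylist=WORST_2015, min_len=12):
    """Return the reasons pw breaks the post's rules; [] means none found."""
    reasons = []
    if len(pw) < min_len:
        reasons.append("too_short")
    for name, pattern in CLASSES.items():
        if not re.search(pattern, pw):
            reasons.append("no_" + name)
    folded = fold(pw)
    # Fold both sides so "passw0rd" and "password" compare equal, and use a
    # substring test so a listed word padded with a year is still caught.
    hits = [w for w in denylist if fold(w) in folded]
    if hits:
        # Report the longest match; ties are broken alphabetically.
        reasons.append("contains_listed:" + max(hits, key=lambda w: (len(w), w)))
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs.
    for sample in ("passw0rd", "Football2015!", "vK9#tqLm2!xWzR7p"):
        print(sample, check_password(sample))
```
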
Sylence Posted January 20, 2016

If you really wanna know which password you shouldn't be using, you need to download the dictionary from John the Ripper and search for the password in your mind in that text file.
compgen1534 Posted January 20, 2016

Seriously, the password I use most is 1234567. It's worked great for me on like every single website lol
Archived
This topic is now archived and is closed to further replies.