December 6, 2013 No Comments-
We’ve said it once or twice before (okay, maybe we’ve said it lots of times before), but it’s so important to always use strong passwords on your accounts. Despite our nagging, internet users still have some very bad habits when it comes to password use. How bad? Let’s have a look.
Hacking attacks on Adobe (creators of the famous Photoshop software) and Cupid Media (owners of the Plenty of Fish dating website) this year have lead to data from nearly 200 million user accounts being leaked online.
Ignoring the fact that this number could include some duplicate accounts, that would be one thirty-fifth (2.9%) of the population of the planet who has had their details stolen. Wow,
The good news is that this gives us a lot of password information to analyze; although this data shows a lot of really bad passwords. For example, for both Adobe accounts and Plenty of Fish (PoF) members, 123456 was the most used password. On both sites, a total of 3.8 million users had chosen it as their password.
Nearly two millions of those users were from PoF, and the site only lost data for 30 million customers in total. That means a huge 6.3% of PoF users chose this password. For criminals, this means you’re likely to get into every 16th PoF account you try using 123456 as the password.
The other passwords are seemly just as silly. At PoF, “111111” was used 1.2m times, while 123456789 was the third-most popular. The full table:
Criminals can use this information as a representation of a demographic. For example, they might consider “dating websites” as something people do as a throwaway, and so are more prone to using a poor password. If this were true, hackers can now try logging in to another matchmaking website – such as OkCupid – using the passwords in the list above, and almost certainly gain access to a few of them.
The passwords from Adobe followed a similar pattern, with “123456”, “123456789”, “12345678”, “1234567”, “111111”, “123123” all making it inside the top 20 most-used passwords. The ever-popular password, “password”, came third.
If you have any accounts with any of the awful passwords listed above, please, please change them. They’re terrible. If you need some tips on how to choose a strong and memorable password, read this article.