Stay Safe by Learning from the Bad Passwords of Others
Most of the password advice you hear is fairly hypothetical: Don't use words you can find in the dictionary. Don't use the word password or a simple string of numbers. But it's not every day that we can look at real passwords used by real people, and point out just how poorly conceived they are. Thankfully, today is one of those rare days.
Recently, 10,000 passwords were scraped off of Windows Live Hotmail accounts (probably through a phishing attack) and posted online. Security site Acunetix performed an analysis of the passwords, and the results are (if you are a security fanatic) a little bit depressing.
Here are some statistics gleaned from the study:
- 42% of the passwords are lower case alpha strings containing only characters from a to z.
- 19% of the passwords contained only numbers.
- 30% of the passwords were mixed with upper and lower case and numbers.
Passwords that appeared in the list:
- 123456
- 123456789
- alejandra
- 111111
- alberto
- tequiero
- alejandro
- 12345678
- 1234567
- estrella
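An added example, not from the original post or the Acunetix study: the Python below sorts a password list into the character classes used in the statistics above and counts reuse, the kind of check you can run against a list you maintain, such as a signup blocklist. The bucket boundaries, the function names and the sample list are assumptions of this example.

```python
import re
from collections import Counter

# Buckets named after the statistics above. Where each bucket begins and
# ends (e.g. what counts as "mixed") is an assumption of this example.
CLASSES = [
    ("lowercase_only", re.compile(r"[a-z]+")),
    ("digits_only", re.compile(r"[0-9]+")),
    ("mixed_alphanumeric", re.compile(r"[A-Za-z0-9]+")),
]


def classify(password):
    """Return the first bucket whose pattern matches the whole password."""
    for name, pattern in CLASSES:
        if pattern.fullmatch(password):
            return name
    return "other"  # symbols, spaces, non-ASCII characters, or empty input


def composition(passwords):
    """Percentage of passwords in each bucket, rounded to one decimal."""
    total = len(passwords)
    if total == 0:
        return {}
    counts = Counter(classify(p) for p in passwords)
    return {name: round(100.0 * n / total, 1) for name, n in counts.items()}


def most_common(passwords, n=3):
    """The n most frequently reused passwords, with their counts."""
    return Counter(passwords).most_common(n)


# Constructed sample: a few passwords quoted in the post plus invented ones.
SAMPLE = [
    "123456", "123456", "123456", "111111",
    "alejandra", "alejandra", "tequiero",
    "Summer2009", "abc123", "p@ssw0rd!",
]

if __name__ == "__main__":
    for bucket, pct in sorted(composition(SAMPLE).items()):
        print(f"{bucket:20s} {pct:5.1f}%")
    print("most reused:", most_common(SAMPLE, 2))
```
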
Need some help? Recently, Rick told you how to choose a smart password, and I pointed you towards a Microsoft Web site that can tell you the strength (and relative security) of your password.
Photo by Mirko Macari