andrewducker ([personal profile] andrewducker) wrote 2009-01-02 11:19 pm

Do yourself a favour

This is the list of the top 500 most common passwords.  These are the ones that the bots try _first_ when they're trying to hack your account.

If you have any of these passwords, for God's sake change it.

[identity profile] accordingly.livejournal.com 2009-01-02 11:53 pm (UTC)(link)
Ha. I love how many of them are rude.

[identity profile] chuma.livejournal.com 2009-01-03 12:21 am (UTC)(link)
I always suspected my password for "stuff I don't care about" was easy, but never that easy. Have changed a couple on the basis that any personal information is stuff to keep personal.

[identity profile] ashfae.livejournal.com 2009-01-03 10:59 am (UTC)(link)
abgrtyu?? Most of the rest are obvious or self-explanatory, but where the heck does that one come from?

[identity profile] sigmonster.livejournal.com 2009-01-03 01:18 pm (UTC)(link)
Some common non-English keyboard layout?

Yours,
Etaoin Shrdlu

[identity profile] chipuni.livejournal.com 2009-01-03 10:06 pm (UTC)(link)
It seems to be used in sex sites. At least, that's what a quick Google search told me...

[identity profile] sneakingyoda.livejournal.com 2009-01-03 06:09 pm (UTC)(link)
My passwords pass!

:D

[identity profile] chipuni.livejournal.com 2009-01-03 10:03 pm (UTC)(link)
I have one password that I -thought- would be common, for accounts that I mostly don't care about. (For example, I use it for newspapers that require a log in.)

I'm shocked that it wasn't on the list.

(On the other hand, I have used 'password' for one account that I obviously do NOT care about.)

[identity profile] the-locster.livejournal.com 2009-01-04 08:45 pm (UTC)(link)
Any word in the dictionary or in common usage is a bad idea and most sites these days require at least one numeric digit in there. The trouble then is you just get loads of people using 'password0' :) The sysadmin at uni years ago used to assign the day of the week if you forgot your password, asking you to change it right away - a quick scan through the Unix /etc/passwd file checking for weekdays and sure enough there were a good many. Dumb policy = weak security. Checking for obvious variations like tuesday0 also turned up a few. This was all in the scope of learning about computer security you understand. One staff boxen had passwords that were all dictionary words and read out something like:

why
are
you
cracking
passwords

and then something offensive about geeks. heh.
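
The weakness the last comment describes (dictionary words, weekdays, and obvious variations like tuesday0 or password0) can be caught when a password is set rather than after the fact. The following is an added example, not part of the original thread: the blocklist is a small constructed sample standing in for a full common-password list, and the function names are hypothetical.

```python
import re

# Constructed sample blocklist; a real deployment would load a full
# common-password list (such as the top-500 list the post refers to).
COMMON = {"password", "123456", "qwerty", "letmein", "dragon"}
WEEKDAYS = {"monday", "tuesday", "wednesday", "thursday",
            "friday", "saturday", "sunday"}
BLOCKLIST = COMMON | WEEKDAYS

# Common character substitutions to undo before comparing.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def candidates(password):
    """Yield the base forms this password is a trivial variation of."""
    lowered = password.lower()
    yield lowered
    # Strip leading/trailing digits and punctuation, i.e. whatever was
    # tacked on to satisfy a "must contain a digit" rule.
    core = re.sub(r"^[\d\W_]+|[\d\W_]+$", "", lowered)
    yield core
    # Undo substitutions on the full string and on the stripped core.
    yield lowered.translate(LEET)
    yield core.translate(LEET)


def is_weak(password, blocklist=BLOCKLIST):
    """Return True if the password is a blocklisted word or a trivial variant."""
    return any(c in blocklist for c in candidates(password))


if __name__ == "__main__":
    for pw in ["password0", "Tuesday0", "P@ssw0rd!", "123456",
               "correct horse battery staple"]:
        print(f"{pw!r}: {'reject' if is_weak(pw) else 'accept'}")
```

A digit requirement alone lets password0 and tuesday0 through; normalising before the blocklist comparison is what closes that gap.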