123456 or Just Hack Me

Home > Security > 123456 or Just Hack Me

Are you a Hacker's Dream? The other day an article appeared in the Technology section of the New York Times dealing with passwords that are just too popular to be secure. In If Your Password Is 123456, Just Make It HackMe, author Ashlee Vance states that back at the dawn of the web, the most popular password was 12345.

Today, despite all the security warnings and millions of words written on the subject, the most popular password is 123456. That’s right… fifteen years of experience and all we’ve done is add one digit.

“Mr. Shulman [Amichai Shulman, the chief technology officer at Imperva] and his company examined a list of 32 million passwords that an unknown hacker stole last month from RockYou, a company that makes software for users of social networking sites like Facebook and MySpace. The list was briefly posted on the Web, and hackers and security researchers downloaded it. (RockYou, which had already been widely criticized for lax privacy practices, has advised its customers to change their passwords, as the hacker gained information about their e-mail accounts as well.)”, says the Times article.

Recently, user’s GMail accounts were compromised when hackers gained access to individual’s accounts and emails. GMail is huge and it’s shear size makes a hackers efforts worthwhile. But no account anywhere is secure from hacking and abuse.

The article also lists the 32 most popular passwords used by “Rock You” customers. Hackers are also using this list to make their job easier.

The New York Times article is here. Have a look at that list of commonly used passwords and if you use any of them, change it right now. But change it to what?

Here’s a clue. If it’s really easy for you to remember, it’s easy for a hacker to crack. So use some variant that makes it more difficult. Most paswords are case-sensitive to throwing a few capital letters in unexpected places will make the password more secure. So will mixing letters and numbers. Or better yet, letters, numbers and symbols.

Which of these passwords do you think is easier to crack? abc123 or a2B%23? Make it a little longer and it is even more secure. You could also use a tool like the Secure Password Generator at OrangeCat.net or the SecurePassword Generator Add-on for Firefox.

But do something. You wouldn’t publish your credit card number, expiration date and cvv code on the Internet, but poor security practices may have you doing just that. Making life harder on hackers just makes good sense.

Dominate Your Local Market!