Analysis of 32 MILLION breached passwords shows people use stupid passwords
Verdict: it's 2010, and people are still using the stupidest passwords imaginable.
Here's a quick look at the top ten:
One: it shows that many providers of web apps and services still don't give a crap about helping make good decisions about security. They're perfectly happy to allow you to register with passwords that my grandmother could crack -- and she's never even touched a computer.
Two: it shows that people don't care enough about their own security online to give more than a split second of thought when choosing the super-secret code which secures access to their accounts. Dictionary-based attacks would have succeed on the first attempt on more than a quarter million Rockyou.com users!
Let's face it. These passwords are the digital equivalent of locking your front door by duct-taping the door to the frame. Is that how you want to protect your valuables, people?
Download Squad readers don't need this PSA, of course -- but it's time to spread the word. Get your friends and family using tools like LastPass, KeePass, and 1Password. All of them make creating and remembering strong passwords a breeze -- and while that won't help if someone breaches a database like Rockyou's it's still an important step in staying safe online.
The full report from Imperva is available as a PDF download if you'd like to read more analysis about the Rockyou breach.
[via Help Net]