The painful list of really lousy passwords

Source URL: http://www.itworld.com/security/227293/painful-list-really-lousy-passwords
November 22, 2011, 1:47 PM
By , ITworld

Year end lists are starting to appear, and this one will hurt: the 25 worst passwords of 2011. Number one, yet again, is password.

Some companies demand a mix of alpha an numeric characters, so users get clever and use passw0rd. No hacker will think of that, right? And while 123456 may be a great password for some systems, more secure organizations require eight characters in a password. You know what's coming, don't you? 12345678. And where is ***** on the list?

No wonder Facebook accounts get cracked by the hundreds of thousands each day. And for those trying to break into your significant other's Facebook account to post embarrassing status entries, you now have the 25 most likely passwords. That assumes your significant other isn't smart enough to follow even the most basic password rules.

Good advice

My ex wife used the same easy password for everything, good thing for me though as I caught her having an affair and nailed her in court : )
script on msn.com

Three words that would normally not be used together in a sentence (like "cat_vodka_Ferrari") is a strong password as well.
ajd2006 on pcworld.com

I use password at work because i really don't give a damn. For real security I use an acronym from a line in a song lyric.
dwgrift on msn.com

Wiseacres

I had to choose a password with eight characters so I chose: "Snow White and the 7 Dwarves" :-)
simonward on telegraph.co.uk

Well so much for my password to this site...
Porchpup on msn.com

I always liked the password "obvious". That way when people ask what the password is for something I can tell them the password is obvious. Usually good for a few minutes back and forth dialogue about it not being obvious.
sonofcassandra on telegraph.co.uk

A lousy system

To what extent are stolen passwords even a meaningful threat? Most systems don't hand out shadow files to the public and don't allow large numbers of quick guesses. Russian gangs setting up zombie networks aren't going to know my cat or my wife's name or similar "easy to guess" choices.
karypm on pcworld.com

Forcing regular password changes sounds good, but causes endless problems with people who only use systems occasionally, or have been away.
worldwatch on telegraph.co.uk

And as I've mentioned multiple times, software that 'remembers' your passwords for you is EVIL. DOUBLY ABSOLUTE EVIL for browser password caches.
Evildave on pcworld.com

I had a password of @((#aM12_)g!1tty9 and it was broken. So consider what your password is and how difficult it is or how easy.
ThaKhanKubla on msn.com

Thanks to SplashData for the list.

Teaser: 
Year end lists are starting to appear, and this one will hurt: the 25 worst passwords of 2011. Number one, yet again, is password.
James Gaskin
passwords, security, Top 25, worst passwords
Source URL: http://www.itworld.com/security/227293/painful-list-really-lousy-passwords

© 1994-2013 ITworld. All rights reserved.