'Worst passwords of 2014' reveals that people simply don't care about security

Exactly one year ago today, SplashData revealed its third annual list of the top 25 worst passwords found on the Internet. Unsurprisingly, things really didn’t change all that much in 2014 as people continue to use weak passwords despite the consequences.

SplashData compiled its list from more than 3.3 million leaked passwords during the year, most of which were held by people in North American and Western Europe. As we’ve seen in past years’ lists, simple numerical passwords remain common with nine of the top 25 passwords on the list comprised of numbers only.

'Worst passwords of 2014' reveals that people simply don't care about security



Thought i would bring this little article to everyone's attention. It's amazing how silly some people can be regrading the protection of there personal information.

Having recently had my own system infected with a virus/maleware/ransomware(Cryptowall 3.0) that encrypted a significant proportion of my personal information i myself have started to implement new security procedures regarding passwords and who has access to my network. So what do you thing ATS, how safe are our passwords?

How safe are our home networks?

What's the best way to in cress password strength?

What are your opinions as to the best software for prevention/detection?

Your thoughts on the subject are most welcome.

all my password contain UPPER CASE, lower case, Symbols and numbers,

but saying that almost all passwords can be hacked if someone really wants in,

i find this a good site to check passwords, (Obviously don't put your real passwords in!!!!!)

www.passwordmeter.com...

i think the idea of passwords are outdated and moving forward we will all get RFID chips and bio scanners connected to our devices, its just another reason to force us down that route

on my opinion i think the best type of security is local encrypted network storage, nothing saved on the PC, laptop etc, but then your hoping the maker of the device have good firmware and isn't easily hacked,

i think in today's world we have all become to intertwined with how we deal with data, unless you go down the route of multiple firewalls, encryption and a fully Pen tested network, and that costs money, people rely on the security given to them from companies like Apple and AVG, rather then start looking at networking security

Doesn't surprise me. You'd be shocked at how many IT people leave sysadmin as server passwords.

What annoys me more are the stupid "rules" that actually make both hacking and forgetting your password easier.

Your Clever Password Tricks Aren't Protecting You from Today's Hackers

a reply to: andy06shake

My password that I use "/accessA11areas/" has done me well for years.

It fits the advice..
1) Use at least 3 words.
2) Use at least one capital letter.
3) Use at least 1 symbol.
4) Use at least one numerical digit.

That should be pretty secure, just like mine.

Oh wait!?!

a reply to: OneManArmy

hahahah,

i wondered how long

I use keepass.
it allows me to set rules for randomly generated passwords, and I can generate a new one for each place I use.

As long as copy/paste works for entering in the password (not true for everything...) it's great.

example password (using slightly different rules than I use to generate my own):
Xw35V!1Nc\H@w~R;xm.R

a reply to: andy06shake

I think you are misinterpreting the data. More likely, then not caring about security, is the fact that so many 'passwords' are required in todays technological space. I cannot even add up the number of passwords that I have to keep track of and I won't use a technological method to keep - due to insecurity. I write them all down, three times in three separate locations.

Most people just use passwords they can remember because frankly, having a 'robust' password does no good if you don't remember it or can't find it on the fly.

Cheers...

originally posted by: Phatdamage

all my password contain UPPER CASE, lower case, Symbols and numbers,

That is how I compose my passwords too...and I always have a different combination for each password.

I just have to wonder why some people use the same password for every site where they need to have one.

I keep mine simple, password = password or 0123456789. Kind of screws with their minds.

I created my own kind of language that makes it easy for me to remember passwords. I've had to modify it due to certain rules some sites have for passwords like "it must begin with a capital letter" but I haven't had any issues. Except of course when databases get hacked and everyone with an amazon account has to change the password. But a simple alteration fixed that.

I think thats why people choose weak passwords because otherwise it can be difficult to remember all the different passwords... unless you have a system like I do. I'm always thinking of ways to make it better. I just don't understand soke of the character limits some sites have for passwords. What do they care if I want my password to have 50 characters? Technically, the longer the password is, the more secure it is.

a reply to: hillbilly4rent

You either didnt read the article or you have a strange sense of humor...

a reply to: 3n19m470

Strange sense of humor, maybe. Actually mine is a infusion of Latin and calculus.

The easiest way to increase password strength is to use longer passwords. But it also depends upon how the attacker gets the password in the first place. If you have a trojan logging your keystrokes then the strength of your passwords makes no difference whatsoever. Or if the passwords on a network are being stored in an insecure manner, all of the passwords can be cracked to be converted into plaintext if the attacker can get the passwords file. But if the hacker is brute-forcing your password, the length will be the main limiting factor. The difficulty can be increased exponentially by including more characters. Using dictionary words is the worst possible password choice, because the password can be compared to every word in the attacker's dictionary until a match is found. But if you've got multiple words, meaningless characters, capitalized and lowercase letters, symbols, and especially spaces, it will be next to impossible to crack. Maybe even impossible, even with the fastest and most advanced processing.

1. most people are idiots incapable of remembering more than two things at once .. hence the proclivity for easy passwords.

2. due to both 1 and laziness they dont bother changing passwords on a regular basis.

3. not my problem they get hacked because theyre too stupid and lazy to follow basic security protocols.

If you ever played minecraft one of the things they have on the title screen is "12345" is not a password.
Interesting cause that site says 12345 is used alot.

a reply to: FyreByrd

"I think you are misinterpreting the data."

How so, please elaborate? I have not really offered up my interpretation of the data yet other than to comment on the stupidity related to the passwords. Im just wondering what im misinterpreting?

I certainly agree regarding the amount of passwords one accumulates and our ability or rather inability to keep track of them all.

I use lines from songs when I have to have a complex password, and military bases for simple ones. For a long time I worked my way through "Green River" by CCR. It screws with people's minds when you type "oldcodyjr.tookmeover" or "pickupaflatrock,skimitcrossthegreenriver"

a reply to: ~Lucidity

I'm surprised "God" or "Love" did not make the list. LoL

Possibly because in most instances these days your required to use more than 3 or 4 digits?

The article doesn't really indicate the types of accounts associated with these passwords... just that they were leaked.

I would suspect people treat the password to their bank accounts or anything associated with a credit card differently than signing up for a newsletter. I know I do.

Here's the original article (marketing PR) from Splashdata

originally posted by: andy06shake

Exactly one year ago today, SplashData revealed its third annual list of the top 25 worst passwords found on the Internet. Unsurprisingly, things really didn’t change all that much in 2014 as people continue to use weak passwords despite the consequences.

SplashData compiled its list from more than 3.3 million leaked passwords during the year, most of which were held by people in North American and Western Europe. As we’ve seen in past years’ lists, simple numerical passwords remain common with nine of the top 25 passwords on the list comprised of numbers only.

'Worst passwords of 2014' reveals that people simply don't care about security

Thought i would bring this little article to everyone's attention. It's amazing how silly some people can be regrading the protection of there personal information.

Having recently had my own system infected with a virus/maleware/ransomware(Cryptowall 3.0) that encrypted a significant proportion of my personal information i myself have started to implement new security procedures regarding passwords and who has access to my network. So what do you thing ATS, how safe are our passwords?

How safe are our home networks?

What's the best way to in cress password strength?

What are your opinions as to the best software for prevention/detection?

Your thoughts on the subject are most welcome.

I am so glad that date of birth aint on that list !