The big Hollywood pictures always make breaking into computers look like a fabulously hip and complicated process. It involves excitement and ingenuity and oftentimes, because it’s just so difficult and exciting, a bit of sweat on the brow. But in reality, it’s as easy as “123456”. And if that doesn’t work, we’d suggest trying “12345” next.
A report released today looks at a list of 32 million passwords and what it finds doesn’t say good things about most of us and our password practices.
The report, released by data security firm Imperva, works with real-world data to arrive at its findings. The 32 million passwords it uses as its data set were published on the Internet last month after being stolen from Rockyou.com.
Like children who won’t eat their vegetables, we obviously aren’t doing what we’re told when it comes to the basics of password security. While 30% of users chose passwords under the recommended minimum of six characters, 50% use common names, slang, and easy-to-guess things like consecutive series of numbers. Take a look at the top 20 passwords from the list below.
The report goes on to give a list of recommendations that, as it points out from the beginning, you probably won’t follow. Two previous studies of password use, one in 1990 and another 10 years later, showed that “password selection is strikingly similar.”
According to the data, a brute-force attack would likely be able to access 1000 accounts in a mere 17 minutes.