Home / Security / Common passwords lists
Imperva, an internet security firm, has provided a list of the most common passwords people use. These are really bad passwords as they provide little or no security. The worse is, most of these are generic. Remember, a simple password – one that can easily be guessed – makes your account susceptible to being hacked.
On similar lines, Twitter, the popular micro-blogging web site, maintains a black list containing words that cannot be used as passwords; a commendable step towards protecting users from their own stupidity.
Imperva’s list of the most common passwords has some known critters like “Password” and “12345” (and its other forms); “rockyou” and “princess” were new to me.
I’d also include a couple more to this list: [name of spouse/partner] and [your first name]. These are bad passwords because not only is this information known to people around you but it can also be gleaned from your web profiles.
As per TechCrunch, Twitter has banned hundreds of passwords. It would be nice if other popular web services like Hotmail, Gmail, Yahoo, Facebook etc., implemented this too; there is no harm in copying a good idea if it helps users. Here are some from Twitter’s password black list.
Feeling too lazy to create a password? Head off to Strong Password Generator and have one made for you. Specify the length and choose whether you want to include symbols in the password. The service will also give you an easy-to-remember phrase that will help you recall the password. You may also like to check the suggestions and advice on how to remember a password.
Conclusion: You’ll be surprised to know that many people continue to use common passwords. They just don’t realize the importance of online security and privacy until it’s too late. I hope they can pick up some valuable advice from this blog post. I also recommend checking out the tips on how to make a password and how to use HowSecureIsMyPassword, a free online service, to check the password strength.
good. something I learnt here
It helps to know the maximum length of password that a particular system will accept, be it 6, 8 or 10 characters. Many software implementations truncate passwords that exceed a certain length, so on those systems “password” and “password123” may be equivalent. In other words, a seemingly more secure long password may be no more secure than a simple, shorter password.
I feel so stupid because I have been using a simple password for years. Fortunately, my account wasn’t hacked. Thanks for the information.
You won’t believe this. I was using one of these passwords with the digit ‘1’. Changed it now.
It’s hard to believe that so many people use such simple passwords. No wonder a lot of them get their accounts hacked and then crib about the service provider.
Exactly! You should see the number of emails I get each day on this – people forgetting their passwords or security questions and blaming the email service that they are impolite or are not responding.
my account was hacked probably because I had been using a common password 🙁
I forgot my secret question
How do I view a deleted web page?
Is there a way to view a deleted web page - one that is no longer available? Yes there is and the solution is quite simple. [more...]
Email is older than the World Wide Web. It's actually older by two decades. Email was created in 1971 while the web was invented in late 1990. [more...]