For more stories like this, sign up for the PLANADVISERdash daily newsletter.
Diversions January 28, 2010
If You Want to Get Hacked, Try These Passwords
If your password is “123456,” you might as well leave an electronic key
under the doormat with a promise to feed hackers cookies and milk once
they break into your system, according to a new study.
Reported by Fred Schneyer
Sequential passwords might be easy to remember, but they are also the most common, and therefore easy targets for hackers. According to a study by Imperva, a Redwood Shores, California, computer security firm, “123456” is the most common password, followed by a more compact “12345” and a more comprehensive “123456789.”
The password database used in the project came from a hacker attack against a San Mateo, California, developer of social media widgets. In December, a major password breach occurred at RockYou, and the hacker posted the full list of 32 million passwords to the Internet (with no other identifiable information).
Imperva listed the 20 most common passwords (see next page). The company said almost half of the passwords it studied were names, slang words, dictionary words, or what it terms “trivial passwords,” such as consecutive digits and adjacent keyboard keys. Two passwords in the top five were the word “password” and the phrase “iloveyou.”
By relying on a short and simple password, Imperva warned, users become susceptible to basic forms of cyber warfare known as “brute force attacks.”
“Everyone needs to understand what the combination of poor passwords means in today’s world of automated cyber attacks: With only minimal effort, a hacker can gain access to one new account every second or 1,000 accounts every 17 minutes,” said Imperva’s CTO Amichai Shulman, in a news release. “The data provides a unique glimpse into the way that users select passwords and an opportunity to evaluate the true strength of passwords as a security mechanism. Never before has there been such a high volume of real-world passwords to examine.”
To keep hackers at bay, the company recommends passwords that are at least eight characters long and contain four different character types—upper case letters, lower case letters, numbers, and special characters (such as !, $, etc.).
Shulman warned: “It’s time for everyone to take password security seriously; it’s an important first step in data security.”
The password database used in the project came from a hacker attack against a San Mateo, California, developer of social media widgets. In December, a major password breach occurred at RockYou, and the hacker posted the full list of 32 million passwords to the Internet (with no other identifiable information).
Imperva listed the 20 most common passwords (see next page). The company said almost half of the passwords it studied were names, slang words, dictionary words, or what it terms “trivial passwords,” such as consecutive digits and adjacent keyboard keys. Two passwords in the top five were the word “password” and the phrase “iloveyou.”
By relying on a short and simple password, Imperva warned, users become susceptible to basic forms of cyber warfare known as “brute force attacks.”
“Everyone needs to understand what the combination of poor passwords means in today’s world of automated cyber attacks: With only minimal effort, a hacker can gain access to one new account every second or 1,000 accounts every 17 minutes,” said Imperva’s CTO Amichai Shulman, in a news release. “The data provides a unique glimpse into the way that users select passwords and an opportunity to evaluate the true strength of passwords as a security mechanism. Never before has there been such a high volume of real-world passwords to examine.”
To keep hackers at bay, the company recommends passwords that are at least eight characters long and contain four different character types—upper case letters, lower case letters, numbers, and special characters (such as !, $, etc.).
Shulman warned: “It’s time for everyone to take password security seriously; it’s an important first step in data security.”
Top 20 Most Common Passwords
- 123456
- 12345
- 123456789
- Password
- iloveyou
- princess
- rockyou
- 1234567
- 12345678
- abc123
- Nicole
- Daniel
- babygirl
- monkey
- Jessica
- Lovely
- michael
- Ashley
- 654321
- Qwerty
Source: Imperva study of RockYou security breach
You Might Also Like:
Voya Chief Client Officer Exits
William Harmon is leaving the recordkeeper, with two senior leaders taking up the role of outreach to advisers and plan...
Inclusion, Diversity and the Noble Purpose of Advisers
The principal of financial adviser inclusion and diversity at Edward Jones reflects on her job leading the advisory company’s revamped diversity efforts—informed by her own first career as...
Edward Jones Aims For Half Its Advisers to Be Women
The firm hopes its relaunched gender and cultural diversity programs aimed at attracting and retaining people from more walks of life to the advisory industry can help to...
« Personalized Communication Helps Participants Maintain Savings Rate