Top 20 Easy-to-Guess Passwords


Security firm Imperva has been taking a look at just what kinds of passwords people use for web-based service RockYou, and found that there is a disturbing trend towards easily hacked options.

Surprisingly, 'QWERTY' is very low on the top twenty...

Imperva’s data was taken from a hack towards the end of last year that saw somewhere in the region of 32 million passwords compromised. Because these passwords were all stored in plain text, it seems to have been fairly simple for the folks at Imperva to sit down and crunch the numbers to put together a list of the top twenty most-used (and consequently, least secure) passwords. Some are interesting and to be expected, but there are a few strange ones in there as well.

According to Imperva, these are the most common passwords used among the 30 million users whose accounts were compromised:

1. 123456
2. 12345
3. 123456789
4. Password
5. iloveyou
6. princess
7. rockyou
8. 1234567
9. 12345678
10. abc123
11. Nicole
12. Daniel
13. babygirl
14. monkey
15. Jessica
16. Lovely
17. michael
18. Ashley
19. 654321
20. Qwerty

The net result of all of this is that if a hacker had used the top 5,000 passwords as a “dictionary for brute force attack on users, it would take only one attempt (per account) to guess 0.9% of the users passwords or a rate of one success per 111 attempts.” That in itself doesn’t sound quite so scary until they extrapolate further.

If the attack was being performed by a user with a 55KBPS upload speed, then they’d reasonably be able to manage about 110 attempts a second… so you’re talking a hair under one account broken per second…

Scary stuff, but certainly interesting. If you’d like to check out Imperva’s research on it, you’d do well to click on this link and download the PDF.
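The figures quoted above, together with the defensive counterpart, as an added example that is not from Imperva's report or the original post: it ranks a password list by frequency, reproduces the one-in-111 and 110-attempts-a-second arithmetic, and turns the top entries into a case-insensitive denylist for use at signup. The sample list and all function names are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample standing in for a plain-text password list (not real data).
SAMPLE = (["123456"] * 9 + ["Password"] * 3 + ["password"] * 2 + ["12345"] * 4
          + ["iloveyou"] * 3 + ["Qwerty", "qwerty"]
          + ["blanka-sf2", "x9!Lr#t0", "tr0ub4dor&3"]
          + [f"unique-{i}" for i in range(74)])          # 100 accounts in total

def normalize(pw):
    """Fold case and outer whitespace so 'Password' and 'password' count as one."""
    return pw.strip().casefold()

def rank_passwords(passwords):
    """Return [(password, count), ...] ordered by descending frequency."""
    counts = Counter(normalize(p) for p in passwords)
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))

def coverage(ranked, top_n):
    """Fraction of all accounts whose password is one of the top_n entries."""
    total = sum(count for _, count in ranked)
    return sum(count for _, count in ranked[:top_n]) / total

def attempts_per_success(hit_rate):
    """Average number of guesses per compromised account at this hit rate."""
    return 1 / hit_rate

def accounts_per_second(hit_rate, attempts_per_sec):
    """Accounts broken per second at a given guessing speed."""
    return hit_rate * attempts_per_sec

def build_denylist(ranked, top_n):
    """Set of the top_n most common (normalized) passwords."""
    return {pw for pw, _ in ranked[:top_n]}

def is_allowed(candidate, denylist):
    """Signup check: refuse any candidate on the denylist, ignoring case."""
    return normalize(candidate) not in denylist

if __name__ == "__main__":
    ranked = rank_passwords(SAMPLE)
    print("top 5:", ranked[:5], "cover", coverage(ranked, 5))
    # The article's numbers: 0.9% hit rate, 110 attempts a second.
    print("attempts per success:", round(attempts_per_success(0.009)))
    print("accounts per second:", round(accounts_per_second(0.009, 110), 2))
    deny = build_denylist(ranked, 5)
    for pw in ("QWERTY", "iloveyou", "blanka-sf2"):
        print(pw, "->", "accepted" if is_allowed(pw, deny) else "rejected")
```

In production the denylist would be loaded from a published common-password list rather than derived from stored passwords, which should never be kept in plain text in the first place.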

Anyone else ever used a similarly dreadful password? I once went with a Street Fighter 2 character, but I don’t see any of those on the list, so apparently, I’m not quite as bad as others in that respect…

