Despite the endless warnings, despite all the advice, despite the plethora of useful articles on the matter, it seems computer users everywhere just can’t help creating really crap passwords.
Analysis of user passwords gathered from the recent Adobe attack reveal a Top 20 list full of easy-to-remember but equally easy-to-guess passwords, with “123456” topping the chart.
The Adobe hack affected 38 million accounts, though this figure relates only to active users. The security breach actually hit more than 150 million accounts, though most are no longer used.
Adobe has changed passwords on affected accounts and contacted users to let them know how to reset their account with a personally chosen password. It also instructed users to change their passwords on any other website where they may have used the same user ID and password as their Adobe account.
Some of the stolen data has started to show up across the Web, with Internet security researcher Jeremi Gosney uncovering a mass of passwords, despite the US software giant saying they were protected by encryption. However, an Adobe spokesperson said last week that up to now there have been no reports of suspicious activity on user accounts affected by the security breach.
Now that you know “123456” topped the list of 1.9 million passwords, perhaps you can guess what came in at number 2…..“123456789”. Number 3 will be enough to make any Web security advisor consider giving up the day job in despair: “password”.
Crap passwords
Here are the rest of the top 20 most popular passwords gathered from the Adobe hack: adobe123 / 12345678 / qwerty / 1234567 / 111111 / photoshop / 123123 / 1234567890 / 000000 / abc123 / 1234 / adobe1 / macromedia / azerty / iloveyou / aaaaaa / 654321
The thing is, if someone uses a number like “123456” for their password on one site, it’s a safe bet they use the same number on all the websites for which they have accounts, as you’d only get confused if you had a different number for each site – unless, of course, you keep all your passwords in a big red notebook with “MY PASSWORDS” written on the front. And those who have “adobe123” as their password no doubt also use “facebook123”, “twitter123”….you get the idea.
Gosney says that he’s currently unable to verify the passwords he uncovered, though he’s “fairly confident” of the list’s accuracy. To find out more about how he collected the data, and to see the top 100 passwords as selected by Adobe users, click here.
Meanwhile, if, after looking through the list above, a bead of sweat has formed on your brow as you start to realize how ridiculously simple your passwords are (or should we say “password is”?), then check out this article to find out how to create something a little more secure. Or get an app to help you.
