Adobe Hack Proves Dumb People Still Use Terrible Passwords

Adobe Hack Proves Dumb People Still Use Terrible Passwords
To sign up for our daily newsletter covering the latest news, hacks and reviews, head HERE. For a running feed of all our stories, follow us on Twitter HERE. Or you can bookmark the Lifehacker Australia homepage to visit whenever you need a fix.

The stupidest password mistake you can make is to use an obvious password such as a sequence of consecutive numbers or the word ‘password’. Data from the recent hack of Adobe’s customer database demonstrates that stupidity remains rampant.

Stupidity picture from Shutterstock

Analyst Jeremy Gosney of the Stricture Consulting Group analysed a dump file of the leaked passwords, which are now thought to number at least 38 million. These were the 20 most common in his analysis:

  1. 123456
  2. 123456789
  3. password
  4. adobe123
  5. 12345678
  6. qwerty
  7. 1234567
  8. 111111
  9. photoshop
  10. 123123
  11. 1234567890
  12. 000000
  13. abc123
  14. 1234
  15. adobe1
  16. macromedia
  17. azerty
  18. iloveyou
  19. aaaaaa
  20. 654321

While we’d always advise anyone whose passwords had been potentially compromised to change them, no-one should have been using these passwords in the first place — and ideally IT pros should be setting up systems that block the most obvious offences.

[via BBC]

Comments

  • Well why does Adobe accept the creation of such passwords in the first place? Most everywhere has some password creation criteria these days (eg. alphanumeric with at least one uppercase letter and at least one number and/or symbol.)

    • Educate people about the quality of their password, but don’t enforce it on them – If I’m just setting up a throw-away account, there’s no point creating a unique complex password. A minimum password length is mostly just to make brute forcing a web service sufficiently low-yield.

      Assuming the passwords are hashed and stored correctly (and in this case they weren’t), then just focus on keeping your services secure. A user is responsible for their chosen level of security.

Show more comments

Comments are closed.

Log in to comment on this story!