If Your Password Is 123456, Just Make It HackMe
By ASHLEE VANCE
Published: January 20, 2010
Back at the dawn of the Web, the most popular account password was “12345.”
The New York Times
Today, it’s one digit longer but hardly safer: “123456.”
Despite all the reports of Internet security breaches over the years, including the recent attacks on Google’s e-mail service, many people have reacted to the break-ins with a shrug.
According to a new analysis, one out of five Web users still decides to leave the digital equivalent of a key under the doormat: they choose a simple, easily guessed password like “abc123,” “iloveyou” or even “password” to protect their data.
“I guess it’s just a genetic flaw in humans,” said Amichai Shulman, the chief technology officer at Imperva, which makes software for blocking hackers. “We’ve been following the same patterns since the 1990s.”
Imperva found that nearly 1 percent of the 32 million people it studied had used “123456” as a password. The second-most-popular password was “12345.” Others in the top 20 included “qwerty,” “abc123” and “princess.”
More disturbing, said Mr. Shulman, was that about 20 percent of people on the RockYou list picked from the same, relatively small pool of 5,000 passwords.
That suggests that hackers could easily break into many accounts just by trying the most common passwords. Because of the prevalence of fast computers and speedy networks, hackers can fire off thousands of password guesses per minute.
There are several password generation programs available that will make and remember random passwords for different sites and needs. I highly recommend them. The one I use is Roboform. You can read my blog entry about it here: Now What Was That Password Again?