SplashData posts 25 "most popular" passwords of 2012

Jos

Posts: 3,073   +97
We've been seeing an unprecedented number of security breaches over the last few years targeting large corporations and individuals alike. That isn't stopping people from using the most unimaginative and predictable passwords when signing up to a website or online...

[newwindow="https://www.techspot.com/news/50593-splashdata-posts-25-most-popular-passwords-of-2012.html"]Read more[/newwindow]
 
G

Guest

I have 3 main passwords that I use. All of which are around 12-15 characters.
I really hate when websites force me to add numbers and capitulations...Its pointless because most people capitalize the first letter and put a one at the end.
 
  • Like
Reactions: H3llion

Jesse

Posts: 358   +42
I have 3 main passwords that I use. All of which are around 12-15 characters.
I really hate when websites force me to add numbers and capitulations...Its pointless because most people capitalize the first letter and put a one at the end.
I don't think you have a good grasp on password security. You are breaking most of the rules aside from length. These are commonly agreed upon best practices for password security and are not pointless.
 
  • Like
Reactions: Gareis
G

Guest

Darn they stole my password list ;)

People should just use a password application, there are a ton of free ones that make things easy and secure.
 

Gareis

Posts: 73   +14
I have 3 main passwords that I use. All of which are around 12-15 characters.
I really hate when websites force me to add numbers and capitulations...Its pointless because most people capitalize the first letter and put a one at the end.
I don't think you have a good grasp on password security. You are breaking most of the rules aside from length. These are commonly agreed upon best practices for password security and are not pointless.
 

ikesmasher

Posts: 3,051   +1,373
Oh crap, I gotta change my password from monkey, ive been caught...
/sarcasm.

if you arent gonna do caps or numbers, at least make it a reasonably specific password.
 

Timonius

Posts: 648   +58
Ok, I know choosing strong passwords are good and making sure username and passwords vary out there. The higher end security needs REALLY need some sort of two factor authentication or better. For example some MMO's have an optional security key, some e-mail systems allow the addition of a cell phone key to tighten security, etc. My bank does not even offer this option. At this point these are all optional but in the future could be used to secure ones privacy.

Also, I do write some of my passwords down and keep them in safe places or it is written down without a clue as to what username or website or program it belongs to. They are usually randomly generated gibberish using alpha-numeric, caps and symbols exceeding 16 chars. What do some of you do?
 
  • Like
Reactions: Gareis

Emin3nce

Posts: 129   +1
I have to admit, I hate it when websites don't let me use special characters. For instance, one of my old instance passwords was $0wh@t<You?G0nnNnnad()@bout[iT] ... When we upgraded to a new host, their archaic UI wouldn't allow it...

If you can't figure out how to program scrubs on special characters / strings in a password field, then don't f'ing code.
 
  • Like
Reactions: Arris
G

Guest

Working in a cubicled office environment I used to use a password made from a portion of the title of a book that sat in a certain location on a shelf behind my desk. I eventually had to use a different method as the books were popular reads among my co-workers and I'd lose track of the darned book.
 
I have to say here that if companies can collate a list of passwords most commonly used, it makes me worry that a lot of websites aren't using salted password hashes...
 

Darth Shiv

Posts: 2,043   +625
I have 3 main passwords that I use. All of which are around 12-15 characters.
I really hate when websites force me to add numbers and capitulations...Its pointless because most people capitalize the first letter and put a one at the end.
I don't think you have a good grasp on password security. You are breaking most of the rules aside from length. These are commonly agreed upon best practices for password security and are not pointless.
Actually some of those rules are pointless. Capitalisation requires shift key press which could instead be used for additional characters in your password. Numbers, sure they can extend the keyspace you are using but decent password length is much more effective.

If you use 8 characters, upper/lowercase plus numerical digits, you have 62^8 = 2.18 x 10^14 combinations.

If you use 12 characters, all lowercase, no digits, you have 26^12 = 9.5 x 10^16 combinations.

For online systems, if they used a failed attempt lockout policy like what ATMs use, they would be far more secure.