Mark Burnett has compiled a list of the 10,000 passwords that are used in over 90% of cases. These include 'password', '123456', '12345678', '1234', 'qwerty', '12345' and even 'letmein'.
A security breach of an internet gaming site led to the publication of 32 million passwords on the internet. No personal information was given but the list of passwords proved very interesting. A study by Imperva showed the following:
30% of passwords where 6 characters or less
60% contained a limited set of alpha-numeric characters.
50% of passwords were names, slang words, dictionary words, consecutive digits, or adjacent keyboard keys.
The most common password among Rockyou.com account owners is “123456”, the 4th most popular was “password”.
Using a password on this list makes you very vulnerable to Intelligent guessing- the first attempts will be based on most likely passwords so obvious ones like ‘password’ will be tried first (please don’t use password!). It will also use known passwords for the same username found elsewhere. But this will then move onto other dictionary words and names.
By making your password longer and not commonly used you force the hacker into Brute Force guessing – here a systematic guessing process will take place based on character combinations of increasing length. It is likely to start with lowercase and numbers as these are the most likely to be used.
Why not try out your password now.