Security Protection – Harry Waldron MVP Rotating Header Image

Password Analysis from recent security breaches

Recently hackers breached security in a number of websites and disclosed a number of passwords.  Users continue to pick weak and popular passwords that could compromise their online security.  Giving passwords more thought in creating complex ones, plus a good systematic way of remembering them can help improve security, (even as a friend does in writing them down and putting into his wallet).  Also, don’t use the same password on all websites.  Often folks use the same password for Facebook and their email account, and thus discovery of a password to one resource can lead to compromises of other resources.

Password Analysis from recent security breaches https://isc.sans.edu/diary.html?storyid=13720

QUOTE: Looking at the top 10 passwords and the top 10 base words, we note that some of the worst possible passwords are right there at the top of the list. 123456 and password are always among the first passwords that the bad guys guess because for some reason we haven’t trained our users well enough to get them to stop using them.

Top 10 passwords 123456 = 1667 (0.38%)
password = 780 (0.18%)
welcome = 437 (0.1%)
ninja = 333 (0.08%)
abc123 = 250 (0.06%)
123456789 = 222 (0.05%)
12345678 = 208 (0.05%)
sunshine = 205 (0.05%)
princess = 202 (0.05%)
qwerty = 172 (0.04%)

Top 10 base words password = 1374 (0.31%)
welcome = 535 (0.12%)
qwerty = 464 (0.1%)
monkey = 430 (0.1%)
jesus = 429 (0.1%)
love = 421 (0.1%)
money = 407 (0.09%)
freedom = 385 (0.09%)
ninja = 380 (0.09%)
sunshine = 367 (0.08%)

Password length (count ordered) 8 = 119135 (26.9%)
6 = 79629 (17.98%)
9 = 65964 (14.9%)
7 = 65611 (14.82%)
10 = 54760 (12.37%)
12 = 21730 (4.91%)
11 = 21220 (4.79%)
5 = 5325 (1.2%)
4 = 2749 (0.62%)
13 = 2658 (0.6%)

Comments are closed.

Network-wide options by YD - Freelance Wordpress Developer