You wouldn't believe that too many people still use terrible passwords

[Ken 891]

Some things online can never change like -- Terrible Passwords by Humans.

 

When it's about various security measures to be taken in order to protect your Internet security, like installing a good anti-virus or running Linux on your system doesn’t mean that your work gets over here, and you are safe enough from online threats.

However, even after countless warnings, most people are continuously using deadly-simple passwords, like '123456' or 'password,' to safeguard their most sensitive data.

Evidence suggests that weak passwords are as popular now as they ever were, and the top 25 passwords of 2015 are very easy to guess.

Password management firm SplashData on Tuesday released its annual "Worst Passwords List". The 2015 list almost resembled the 2014 list of the worst password, but there are some interesting new entries, including the Star Wars-inspired 'solo,' and 'starwars.'

Hard to believe, but '123456' once again topped the list, just like last year, and again followed by the truly terrible 'password.'

Sport remains popular among online users as 'football' and 'baseball' are both on the top 10 list of worst passwords.

 

 

 

Top 25 Worst Passwords of 2015

 

SplashData analyzed over 2 Million leaked passwords in 2015, and the results are as follow:

1. 123456
2. password
3. 12345678
4. qwerty
5. 12345
6. 123456789
7. football
8. 1234
9. 1234567
10. baseball
11. welcome
12. 1234567890
13. abc123
14. 111111
15. 1qaz2wsx
16. dragon
17. master
18. monkey
19. letmein
20. login
21. princess
22. qwertyuiop
23. solo
24. passw0rd
25. starwars

"The longer passwords are so simple as to make their extra length virtually worthless as a security measure,"

says SplashData

The importance of online security around personal data has increased due to the rise in data breaches and cyber attacks over recent years.

 

Last year was the year of data breaches. According to an estimate, around 480 Million personal data records were leaked online, which included high-profile breaches at the United States Office of Personnel Management (OPM) and the extramarital affair site Ashley Madison.

 

So remember: "God helps those who help themselves," likewise nobody can secure you online unless and until you are not willing to.

 

How to Create a Strong Password

 

Always create different passwords for different sites. So that if one site is breached, your other online accounts on other sites are secure from being hacked.

These are some useful tips that will help you make password strength secure and easier to remember:

• Use a combination of lowercase, uppercase, numbers, and special characters of 8 characters long or more like s9%w^8@t$i.
• Use short passphrases with special characters separating to make it difficult for crackers and could be easily remembered like cry%like@me (cry like me).
• Avoid using the same combination of passwords for different websites.
• If it is difficult for you to remember different passwords for different websites, then use Password Manager applications like RoboForm, 1Password, LastPass.

 

Stay Safe! Stay Secure!

Edited August 24, 2022 by Metin2 Dev
Core X - External 2 Internal

[Mr.Slime 113]

Like this "1234567" ahahahha

[WhoAmI? 0]

Like this "mehmetsetomt2" 

[Galet 498]

MyP4SSW03D12T0oSt30пG = Best password ever xD

More seriously, at first it was just created for fun in this topic but it's a mix between uppercase and lowercase, numbers and one letter from the Cirrilic Alphabet (P or I could be used because they looks like the letter n in latin alphabet : и/п)

[Berke58 95]

qwerty is better 

[Ken 891]

3 hours ago, Mr.Slime said:

Like this "1234567" ahahahha

2 hours ago, Berke58 said:

qwerty is better 

The worst password..

2 hours ago, galet said:

MyP4SSW03D12T0oSt30пG = Best password ever xD

More seriously, at first it was just created for fun in this topic but it's a mix between uppercase and lowercase, numbers and one letter from the Cirrilic Alphabet (P or I could be used because they looks like the letter n in latin alphabet : и/п)

It depends on your brain also your knowledge about the internet too. Most people don't care about the password because they're thinking there is nothing to steal or something like that.

Don't be sure.

uQczEwSZ?!@c+F/P!uw=eAdb7bS32;)*A#\5/Jn$

How to remember it?

Umbrella QUESTION Computer Zigzag EGG Washington SHOOT ZIGZAG ? ! @ Computer + FRUIT / POLYESTER ! Umbrella Washington = Egg APPLE Drip Banana Seven Banana SHOOT Three Two ; ) * APPLE # \ Five / JACK Nut $

[Galet 498]

At least, if your password is too strong to be remembered, (or if you're just too lazy) stock your password somewhere hidden in a computer or electronical device or in real life on a post-it if you're sure that nobody will come in your house or no one will enter in your chamber (pic related)

Edited August 24, 2022 by Metin2 Dev
Core X - External 2 Internal

[Vanilla 1451]

Source: http://xkcd.com/936

Edited August 24, 2022 by Metin2 Dev
Core X - External 2 Internal

[Ken 891]

2 hours ago, galet said:

At least, if your password is too strong to be remembered, (or if you're just too lazy) stock your password somewhere hidden in a computer or electronical device or in real life on a post-it if you're sure that nobody will come in your house or no one will enter in your chamber (pic related)

As I said, it depends on your brain. If you're good with remembering something, you don't have to save your password in your computer. Otherwise, you have to save your passwords in your computer. It's not about password's length or something like that. It's about combination. If you give a combination someone, they probably solve it sooner or later.

https://en.wikipedia.org/wiki/Password_strength#Entropy_as_a_measure_of_password_strength

 

[Vanilla 1451]

It's a matter of both. Length and complexity.

A simple password consisting of 4 simple letters will be hard to crack with a bruteforce but not when you're using dictionary attacks. This is why both should be regarded.

Telling people that a password consisting of 8 characters should be enough is just wrong. Larger passwords, better yet passphrases, with less complexity (but not none!) is the key to achieve good passwords. Everything else can be cracked easily with modern computers under some circumstances.

Also tricks like replacing e with 3 is old and most bruteforce attacks know those patterns. Still the attacker won't know your pattern. Easiest way to get safe passwords is putting random words together (which have no relation at all), remove some letters or substitute them with something else and you're done. Easy to remember, hard to crack. Hackers won't know your pattern. As long as they don't know, their attack will be by far less efficient.

[BeHappy4Ever 234]

Mine is antibruteforcepassword that i use on metin2dev, is it safe guys?  

3 hours ago, Ken said:

As I said, it depends on your brain. If you're good with remembering something, you don't have to save your password in your computer. Otherwise, you have to save your passwords in your computer. It's not about password's length or something like that. It's about combination. If you give a combination someone, they probably solve it sooner or later.

https://en.wikipedia.org/wiki/Password_strength#Entropy_as_a_measure_of_password_strength

 

Better safe the password on a paper and not on pc , because if you get a rat for example it will be very dangerous :/ .

[Ken 891]

15 minutes ago, Vanilla said:

It's a matter of both. Length and complexity. A simple password consisting of 4 simple letters will be hard to crack with a bruteforce but not when you're using dictionary attacks. This is why both should be regarded.

If you're using bruteforce, you could crack it easily. (Just use Python or something like that. If you don't use kali linux or something like that)

import itertools
res = itertools.product('abc', repeat = 3);
for i in res:
	print ''.join(i)

Also, it's up to you. Most people are saying don't use specific things about yourself when you create a password.

15 minutes ago, Vanilla said:

Easiest way to get safe passwords is putting random words together (which have no relation at all), remove some letters or substitute them with something else and you're done. Easy to remember, hard to crack. Hackers won't know your pattern. As long as they don't know, their attack will be by far less efficient.

That's a reason but If that hacker or someone else know you well or sniffing, it could be easy too.

If you want to try hard, you could use specific words (which one is not from english). It just depends on your brain.

Protect yourself and be cool.

11 minutes ago, BeHappy4Ever said:

Mine is antibruteforcepassword that i use on metin2dev, is it safe guys?  

That explains, why vanilla said the hacker could use a bruteforce attack.

11 minutes ago, BeHappy4Ever said:

Better safe the password on a paper and not on pc , because if you get a rat for example it will be very dangerous :/ .

If you're watching 18+ stuffs on the internet and click every advertisement, you probably get that and everything will be dangerous for ya. Also, it's depend on the hacker's social engineering skills. You can hack people whenever you want. (That's a rule).

http://resources.infosecinstitute.com/social-engineering-a-hacking-story/

Best Regards

Ken

[BeHappy4Ever 234]

8 minutes ago, Ken said:

If you're using bruteforce, you could crack it easily. (Just use Python or something like that. If you don't use kali linux or something like that)

import itertools
res = itertools.product('abc', repeat = 3);
for i in res:
	print ''.join(i)

Also, it's up to you. Most people are saying don't use specific things about yourself when you create a password.

That's a reason but If that hacker or someone else know you well or sniffing, it could be easy too.

If you want to try hard, you could use specific words (which one is not from english). It just depends on your brain.

Protect yourself and be cool.

That explains, why vanilla said the hacker could use a bruteforce attack.

If you're watching 18+ stuffs on the internet and click every advertisement, you probably get that and everything will be dangerous for ya. Also, it's depend on the hacker's social engineering skills. You can hack people whenever you want. (That's a rule).

http://resources.infosecinstitute.com/social-engineering-a-hacking-story/

Best Regards

Ken

I dont know why you guys think that you can get a virus only from 18+ website.For example many peoples are using pirate disk to format their disk , you do not probably know if there is a virus there.You can get a virus from everywhere lol , i got because someone was playing "dressup" when i was 9years old on my family's password and we got a virus , and thats why probably i was the suspicius .  

[Ken 891]

9 minutes ago, BeHappy4Ever said:

I dont know why you guys think that you can get a virus only from 18+ website.For example many peoples are using pirate disk to format their disk , you do not probably know if there is a virus there.You can get a virus from everywhere lol , i got because someone was playing "dressup" when i was 9years old on my family's password and we got a virus , and thats why probably i was the suspicius .  

It was an example. Most people can't control themselves. Their enjoys and so on. Most hacker are choosing those places because of that. It's like a vulnerability or send a naked girl to your victim. (You probably put your virus and encrypt it). Those things are already easy but everything is up to you. If you click everything all the time, you will get this sooner or later or he can blackmailing you with a few information. It's depend on your brain

If the hacker already knew you well, it will be easy for him. Social engineering and informations about you. Of course, you can call FBI for that if you want ^^

That's a bad thing but the main goal is how to trick the victim. That explains why social engineering is the best power in this world.

Best Regards

Ken

[BeHappy4Ever 234]

1 minute ago, Ken said:

It was an example. Most people can't control themselves. Their enjoys and so on. Most hacker are choosing those places because of that. It's like a vulnerability or send a naked girl to your victim. (You probably put your virus and encrypt it). Those things are already easy but everything is up to you. If you click everything all the time, you will get this sooner or later or you can blackmailing him with a few information. It's depend on your brain

If the hacker already knew you well, it will be easy for him. Social engineering and informations about you. Of course, you can call FBI for that if you want ^^

Best Regards

Ken

Oh well , you are true my friend.So you think that FBI can find them very easy(just asking)?The best thing if you will make a crime on internet is to use a public place or a windows clone(mean on virtual box)(that's just my opinion).  

[Ken 891]

17 minutes ago, BeHappy4Ever said:

Oh well , you are true my friend.So you think that FBI can find them very easy(just asking)?The best thing if you will make a crime on internet is to use a public place or a windows clone(mean on virtual box)(that's just my opinion).  

Public Wi-Fi, Of course, it's the best thing to hack big companies. If we're talking about big things, FBI is crying about that at the moment. It depends on your skills. If you're really professional, FBI don't even catch you. They can't trace bitcoins too. (The newest one is Decred as far I know).

The main goal is you have to be more intelligence than your victim. The picture explains everything.

 

Spoiler

 

It reminds me this

Best Regards

Ken

Edited September 11, 2022 by Metin2 Dev
Core X - External 2 Internal