Passwords leaked from Yahoo: Boozy, preachy, angry - and easy
- 05 July, 2012 22:00
For 333 people who used "ninja" as a password for Yahoo Mail or another Web service, Thursday was the day their fleet-footed, black-clad cover was blown.
A group of hackers calling itself "the D33Ds Company" published a list of 453,492 email addresses and passwords in plain text on Thursday, saying they had found them by hacking into a database associated with an unnamed Yahoo service. The passwords weren't all for Yahoo services; they also come from domain names including gmail.com, hotmail.com and aol.com.
A look through the compromised account information says a lot about Web users and security: First of all, a lot of them don't have much of it.
The most common password in the list is "123456," a simple jaunt across the keyboard that was used for 1,673 of the accounts. Another popular option was "##########," which 1,279 users chose. The fact that this password is longer and utilizes non-alphanumeric characters, both of which are common recommendations from password experts, shouldn't really make those 1,279 people rest easier.
Then again, 804 users faced with having to create a username and password for their private information promptly entered "password." More than 500 others started their passwords with "password," giving hackers a nice head start.
However, password hackers have been warned: "donthack," "donthackme," and "dontdoit" are timely reminders to anyone who wants to use a cracking mechanism that runs through the lowercase alphabet. One accountholder was more vehement: "dontdoit!" the password warned.
The antiquated username-password method of online authentication deserves some of the blame for weak protection. Users forced to come up with one more unique combination of letters, numbers and punctuation, then periodically change it, get frustrated for good reason. The passwords revealed on Thursday included "dontforget" on six accounts. One weary user created, "dontforgetdummy." Seventeen others came up with a reminder and password all rolled into one: "changeme."
Passwords are also a window into the ups and downs of Internet life. Though one account holder declared in his password, "iamhappyalways," and five chose, "iamgreat," there were five with "lifesucks," and a heartfelt, "lifesucksman." Eight chose simply, "sorrow." Seven users told the sign-up process to "gotohell," though one chose, "gotoheaven."
Looking for a way out, a few inevitably looked to the bottle. Boozy passwords included, "beerisgood," "beer4me," "beertime" and simply, "alcohol" -- chosen by four people. Religion is another major theme: "jesus" appears 40 times, while the slightly more protective "jesus1" is the password on 101 accounts.
Eventually, along with the frustrations of setting up an online account comes the other end of it. Not one but two of the accounts revealed on Thursday used the password, "accountclosedpissoff."
- Managing Web Security in an Increasingly Challenging Threat Landscape
- International Mobile Communications: How To Balance Connectivity, Productivity And Cost Concerns
- 5 Ways To Be More Productive At Work
- Deliver Protection and Elasticity for your Network
- Simplifying eDiscovery & Compliance in the Big Data Era
Brace for change: An interview with Tony Hayes of ISACA
Rethinking the worst case
The brand called CIO
Motorola turns to the Moto G's price to reserve its smartphone fortunes
Virtual desktop computing service: The next cloud disruptor?
How to win the data centre
To compete and win in today’s supercharged global marketplace, companies must roll out new applications and services faster than ever, while maintaining round-the clock availability and responsive performance amid exponentially increasing traffic. In this whitepaper, we look at the demand for dynamic and flexible infrastructure that underlies application services. Click to download.
5 Ways To Be More Productive At Work
Think back to the last time all your employees were in the office, at their desks, on the same day. It’s no surprise that you might struggle, between travel and off-site meetings, remote staff, flexible schedules and sick days. In today's competitive business climate, organisations need to maintain productivity and connectedness with their staff, despite not always being onsite. In this whitepaper, we look at five ways you can improve productivity, no matter where employees are.
Riverview Hospital Improves Patient Experience
To support its team of 300 physicians and 20 offsite facilities, the technical staff of Riverview Hospital in Noblesville, Indiana, require a performance-focused infrastructure for its electronic health records. The speed at which doctors can retrieve patient data is determined by the response times of this server and the performance of its database. In this casestudy, we look at how its caregivers can spend more time with their patients rather than an application.