Skip to main content

'123456' giving tough competition to 'password' in Worst 25 Passwords of 2013


123456, password, 12345678, qwerty… or abc123, How many of you have your password one of these??? I think quite a many of you.

Even after countless warnings and advices given to the users by many security researchers, people are continuously using a weak strength of password chains.

After observing many cyber attacks in 2013, we have seen many incidents where an attacker can predict or brute-force your passwords very easily.

From 2012, the only change till now is that the string “password” has shifted to the second place in a list of the most commonly used passphrases and string “123456” has taken the first place recently, according to an annual "Worst Passwords" report released bySplashData, a password management software company

They announced the annual list of 25 most common passwords i.e. Obviously the worst password that found on the Internet. The Most common lists of the passwords this year are "qwerty," "abc123," "111111," and "iloveyou", which are really easily guessable.

"Another interesting aspect of this year's list is that most short numerical passwords showed up even though websites are starting to enforce stronger password policies," says Morgan Slain, CEO of SplashData.

Below are the worst passwords list of 2013 with Rank and showing the comparison of it from 2012:
List of Worst Passwords 
If you are also using one of these passwords or other dictionary words, then you are advised to change it as soon as possible. We further advise you to use different passwords for different accounts, as if one of your account gets hacked, you’ll be totally ruined.

The above list of passwords was compiled from data dumps of stolen passwords posted online, and the firm says it was especially influenced by the millions of Adobe accounts that were compromised in the fall.

Fact & figure
Stricture Consulting Group attempted to decrypt the leaked Adobe passwords and released an estimate that almost 2 million of the more than 130 million users affected by the breach appeared to be using "123456" as a password.

Now when you talk about various security measures to protect your privacy and data, installing an Antivirus doesn’t mean that here your work gets over and you are safe enough. “God helps those who help themselves” likewise nobody can secure your privacy unless and until you yourself not willing to.

Here I have listed some useful tips to make your password strength secure and easier to remember:
  • Use a combination of lowercase, uppercase, numbers, and special characters of 8 characters long or more like s9%w^8@t$i
  • Use short passphrases with special characters separating to make it difficult for crackers and could be easily remembered like cry%like@me (cry like me)
  • Avoid using the same combination of passwords for different websites
  • If it is difficult for you to remember different passwords for different websites and accounts than try using Password manager applications like RoboForm, 1Password, LastPass.
STAY SECURE, STAY SAFE!

Comments

Popular posts from this blog

HC WeB : A Browser for HACKERS...

A Browser for HACKERS... Try for Free... Download HC WeB Setup Gallery: Online Penetration Testing Tools Index Information Gathering Whois DNS Location Info Enumeration and Fingerprint Data Mining Search Engines Editors Online Text Editors Share Text Snippets Network Utilities Ping HTTP HTTPS VNC Remote Desktop SSH DNS Sniffers Misc Forensics Frameworks URL Cloaking E-mail Password Cracking Encoders and Decoders Encoders Decoders Malwares Malware Analysis Identify Malicious Websites Suspected Malicious IPs and URLs Application Auditing SQL Injection Cross Site Scripting File Inclusion Anonymity Proxy Others Hackery Open Penetration Testing Bookmarks Collection Hacker Media Blogs, Forums, Magazines and Videos. Methodologies Penetration testing frameworks, standards and methodologies. OSINT Presentations, People, Organizations and Infrastructure.  Exploits an...

KALI Linux 1.0.6 released; officially added Emergency Self Destruct feature

A few days back the developers of one of the most advance open source operating system for penetration testing called 'KALI Linux' announced that they were planning to include "emergency self-destruction of LUKS". They patched a utility called cryptsetup, which introduces a self destruction feature that will allow the Kali user to encrypt the full hard disk to make the data inaccessible in an emergency case by entering a secret password at boot time. Offensive Security has finally announced today the release of the latest version i.e. Kali Linux 1.0.6 with Kernel version 3.12, and also added the Self Destruct feature along with many new penetration testing and hacking tools. The new release also includes an ARM image script, that allow the user to build Kali Linux images for various ARM devices. Some more scripts are also added that enables the user to build their own custom Amazon AMI and Google Compute cloud images. If you already have a Kali Linux ins...

Facebook Web Security Bug Bounty: Directory Traversal Vulnerability / RCE In Parse.com

http://parse.com   directory traversal vulnerability Little Insight: http://parse.com  was vulnerable to a directory traversal / RCE vulnerability. As a result, it was possible for an attacker to load web server-readable files from the local filesystem. or Run commend on That Well this is my 4th reward form facebook  Directory Traversal or RCE Vulnerability  That  give me 5th position in Facebook white-hat Page Report Date :23  July 2014 Reward For Directory Traversal or RCE Vulnerability :  20000$ How This work......? As we discussed earlier on my old post  Flowdock Directory Traversal Vulnerability exposed files outside of Rails’ view paths. '%5C' turns into '\' after decoding. Using Rack::Protection    it only rejects '/../' segments in the request path.   patch apply for Rack::Protection acording CVE-2014-0130  and  also Reject now '%5C' turns into '\' af...