Worst Passwords Of 2015 Reveal Our Stupidity - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Comments
Worst Passwords Of 2015 Reveal Our Stupidity
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
Banacek
0%
100%
Banacek,
User Rank: Ninja
1/21/2016 | 11:15:39 AM
Re: Amazing
Actually, I use stronger passwords for those things I am concerned about, and weaker passwords for stupid stuff. I really could care less if someone hacks my facebook or gets into my hotmail account (as I rarely use it). But I have much stronger stuff on PayPal or my servers at work.
Ariella
50%
50%
Ariella,
User Rank: Author
1/21/2016 | 9:53:08 AM
Re: Amazing
Even Cisco typically uses a version of this and ran into trouble when it deviated. See http://www.theregister.co.uk/2016/01/12/cisco_password_snafu/?mt=1452646807203:

"A number of C-Series servers have shipped to customers with a non-standard default password which prevents access to the Cisco Integrated Management Controller (CIMC) unless the configured password is provided," the Borg says in a new Field Notice.

Kit made between between November 17, 2015 and January 6, 2016 was misconfigured. If you get one and try to get it working with Cisco's default admin password – "password" – you'll look like a very silly sysadmin indeed.

The fault is all Cisco's: for reasons it's not explaining, the firm instead set the default password to "Cisco1234".
Stratustician
100%
0%
Stratustician,
User Rank: Ninja
1/21/2016 | 9:42:21 AM
Re: Amazing
I wonder if there is a correlation between passwords used and perceived value of the application or data that the password is used to access.  For example. do users use a weak password for business applications, but at home, use a stronger password for facebook, email etc.  If so, it might highlight an issue in employees taking less interest in protecting corporate assets, or simply are frustrated due to password requirements.  Often if passwords have a shorter lifespan before a user needs to enter a new one, it causes frustration and we might see the password complexity suffer.
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
1/21/2016 | 7:36:24 AM
Amazing
It's amazing that a quick throwaway scene in hackers back in 1995 where they talk about the most common passwords being a pitfall for people and over 20 years later we're having the same issues. 

It really is astounding how people don't understand the dangers of these sorts of passwords. It's not that hard to remember a few words strungtogether plus a number. 
Gigi3
100%
0%
Gigi3,
User Rank: Ninja
1/21/2016 | 4:41:05 AM
Re: Progress
"The password 123456 is interesting. It has been speculated that the password 123456 is not a real password and it is a test password that users and/or developers employ to test a site's login or to test a site's login functionality before a user signs up to a website with their primary email address and strong password."

Brian, testing professionals using such passwords on keeping mind that that's going to be the most using passwords.  Apart from that hackers are also using such common and easy passwords to crack the account.
Gigi3
100%
0%
Gigi3,
User Rank: Ninja
1/21/2016 | 4:38:58 AM
Passwords
Thomas, most of the peoples are making such mistakes only for the sake of easy to remember. Date of birth, mobile number, self/spouse/father/mother/kids name etc are other commonly used passwords. Passwords should be something in a complex way with a combination of upper/lower alphabets, numerals and special charectors, which no one can easily guess or track. It should be changes atleast once in a month too.
Brian.Dean
50%
50%
Brian.Dean,
User Rank: Ninja
1/20/2016 | 10:15:03 PM
Progress
A few of the worst passwords list from 2013 were many times worst, it seems that users are becoming better at managing their online security.

The password 123456 is interesting. It has been speculated that the password 123456 is not a real password and it is a test password that users and/or developers employ to test a site's login or to test a site's login functionality before a user signs up to a website with their primary email address and strong password.
<<   <   Page 2 / 2


The State of IT & Cybersecurity Operations 2020
The State of IT & Cybersecurity Operations 2020
Download this report from InformationWeek, in partnership with Dark Reading, to learn more about how today's IT operations teams work with cybersecurity operations, what technologies they are using, and how they communicate and share responsibility--or create risk by failing to do so. Get it now!
Commentary
The Best Way to Get Started with Data Analytics
John Edwards, Technology Journalist & Author,  7/8/2020
Slideshows
10 Cyberattacks on the Rise During the Pandemic
Cynthia Harvey, Freelance Journalist, InformationWeek,  6/24/2020
News
IT Trade Shows Go Virtual: Your 2020 List of Events
Jessica Davis, Senior Editor, Enterprise Apps,  5/29/2020
Register for InformationWeek Newsletters
Video
Current Issue
Key to Cloud Success: The Right Management
This IT Trend highlights some of the steps IT teams can take to keep their cloud environments running in a safe, efficient manner.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll