Social networking site breach exposes most popularly used passwords

An analysis of more than 32 million exposed passwords revealed "123456" as the most commonly used security code when logging into online accounts.

Social networking services and customized widget company, Rockyou.com, suffered a data breach in December 2009.

The breach included millions of people's email addresses and passwords for Rockyou.com (and in many cases passwords and login details for associated social networking sites). The hacker responsible for the attack subsequently posted the full list of passwords on the internet.

The compromised password and login data was examined by US-based security company, Imperva Application Defense Center (ADC).

The ease and scale of this security breach should read as a warning to everyone logging onto web-based social networks, email accounts or online ecommerce sites - especially those who use the same passwords for multiple accounts.

Pairing short, uncomplicated and easy-to-guess passwords with identical login credentials for multiple sites can put you at serious risk of identity theft and can easily result in your accounts being compromised by prying eyes.

"Everyone needs to understand what the combination of poor passwords means in today's world of automated cyber attacks: with only minimal effort, a hacker can gain access to one new account every second-or 1000 accounts every 17 minutes," explained Imperva's CTO Amichai Shulman in a January 21 report announcement.

"The data provides a unique glimpse into the way that users select passwords and an opportunity to evaluate the true strength of passwords as a security mechanism. Never before has there been such a high volume of real-world passwords to examine."

Surprisingly, the analysis of the Rockyou.com data confirms that consumer password habits have changed very little over the past two decades. Almost 50 percent of users opt for passwords that are names and easily understood words or use trivial passwords such as consecutive digits and adjacent keyboard keys.

A full analysis of the 32 million Rockyou.com passwords show the most commonly used passwords are:
1. 123456
2. 12345
3. 123456789
4. Password
5. iloveyou
6. princess
7. rockyou
8. 1234567
9. 12345678
10. abc123

To keep your accounts safe, NASA recommends adhering to the following steps when creating a password:

1. It should contain at least eight characters.
2. It should contain a mix of four different types of characters - upper case letters, lower case letters, numbers, and special characters such as !@#$%^&*,;" If there is only one letter or special character, it should not be either the first or last character in the password.
3. It should not be a name, a slang word, or any word in the dictionary. It should not include any part of your name or your e-mail address.
4. Choose a strong password for sites where you care about the privacy of the information you store. Bruce Schneier's advice is useful: "take a sentence and turn it into a password. Something like "This little piggy went to market" might become "tlpWENT2m." That nine-character password won't be in anyone's dictionary."
5. Use a different password for all sites - even for the ones where privacy isn't an issue. To help remember the passwords, again, following Bruce Schneier's advice is recommended: "If you can't remember your passwords, write them down and put the paper in your wallet. But just write the sentence - or better yet - a hint that
will help you remember your sentence."
6. Never trust a third party with your important passwords (webmail, banking, medical etc.)

The information formed part of Imperva's Consumer Password Worst Practices report.

Start your day with The Independent, sign up for daily news emails
Have you tried new the Independent Digital Edition apps?
ebooks
ebooksAn introduction to the ground rules of British democracy
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
SPONSORED FEATURES
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

iJobs Job Widget
iJobs Media

Guru Careers: Lead Systems Developer / Software Developer

COMPETITIVE + Excellent Benefits: Guru Careers: A Lead Systems Developer / Sof...

Recruitment Genius: Social Media & Engagement Manager - French or German Speaker

Negotiable: Recruitment Genius: The world's leading financial services careers...

Recruitment Genius: Digital Marketing Executive - 6 Months Contract

£28000 - £30000 per annum: Recruitment Genius: The Digital Marketing Executive...

Guru Careers: Account Manager / Senior Account Manager

40-45K DOE + Benefits: Guru Careers: An Account Manager / Senior Account Manag...

Day In a Page

A nap a day could save your life - and here's why

A nap a day could save your life

A midday nap is 'associated with reduced blood pressure'
If men are so obsessed by sex, why do they clam up when confronted with the grisly realities?

If men are so obsessed by sex...

...why do they clam up when confronted with the grisly realities?
The comedy titans of Avalon on their attempt to save BBC3

Jon Thoday and Richard Allen-Turner

The comedy titans of Avalon on their attempt to save BBC3
The bathing machine is back... but with a difference

Rolling in the deep

The bathing machine is back but with a difference
Part-privatised tests, new age limits, driverless cars: Tories plot motoring revolution

Conservatives plot a motoring revolution

Draft report reveals biggest reform to regulations since driving test introduced in 1935
The Silk Roads that trace civilisation: Long before the West rose to power, Asian pathways were connecting peoples and places

The Silk Roads that trace civilisation

Long before the West rose to power, Asian pathways were connecting peoples and places
House of Lords: Outcry as donors, fixers and MPs caught up in expenses scandal are ennobled

The honours that shame Britain

Outcry as donors, fixers and MPs caught up in expenses scandal are ennobled
When it comes to street harassment, we need to talk about race

'When it comes to street harassment, we need to talk about race'

Why are black men living the stereotypes and why are we letting them get away with it?
International Tap Festival: Forget Fred Astaire and Ginger Rogers - this dancing is improvised, spontaneous and rhythmic

International Tap Festival comes to the UK

Forget Fred Astaire and Ginger Rogers - this dancing is improvised, spontaneous and rhythmic
War with Isis: Is Turkey's buffer zone in Syria a matter of self-defence – or just anti-Kurd?

Turkey's buffer zone in Syria: self-defence – or just anti-Kurd?

Ankara accused of exacerbating racial division by allowing Turkmen minority to cross the border
Doris Lessing: Acclaimed novelist was kept under MI5 observation for 18 years, newly released papers show

'A subversive brothel keeper and Communist'

Acclaimed novelist Doris Lessing was kept under MI5 observation for 18 years, newly released papers show
Big Blue Live: BBC's Springwatch offshoot swaps back gardens for California's Monterey Bay

BBC heads to the Californian coast

The Big Blue Live crew is preparing for the first of three episodes on Sunday night, filming from boats, planes and an aquarium studio
Austin Bidwell: The Victorian fraudster who shook the Bank of England with the most daring forgery the world had known

Victorian fraudster who shook the Bank of England

Conman Austin Bidwell. was a heartless cad who carried out the most daring forgery the world had known
Car hacking scandal: Security designed to stop thieves hot-wiring almost every modern motor has been cracked

Car hacking scandal

Security designed to stop thieves hot-wiring almost every modern motor has been cracked
10 best placemats

Take your seat: 10 best placemats

Protect your table and dine in style with a bold new accessory