Story image

Stolen password analysis reveals bookish trend

17 Jun 11

British magazine PC Pro took a look through the list of 62,000 email usernames and passwords stolen by LulzSec to see what they could learn about password behaviour. 

Results show a distinct trend towards the bookish, with several common genres and book-related words cropping up. A security expert believed this was because the passwords were leaked from a website for aspiring authors. 

"The next most common password, however, is 'romance', at 88 occurrences (tying with the rather more prosaic '102030'). After that, with 67 occurrences, is 'mystery'.

The theme continues: skipping over some more variations on the numeric theme, other popular passwords include 'shadow' (62), 'bookworm' (54), 'reader' (52), 'reading' (47), 'booklover' (33) and 'library' (26). It all points in a clear direction; and if you’re still doubtful, perhaps the smoking gun is the fact that 30 people have chosen 'writerspace' as their password."

The most commonly used password of all, though, was the predictable '123456' and the password 'password' came in at third most common.  

Google has the following tips for making sure you pick a good password:

  • Be creative. Don't use words that can be found in a dictionary.

  • Use at least eight characters.

  • Don't use a password that you have used elsewhere.

  • Don't use keyboard patterns (asdf) or sequential numbers (1234).

  • Create an acronym. Don't use a common one, like NASA or SCUBA. Combine it with numbers and punctuation marks.

  • Include punctuation marks and numbers. Mix capital and lowercase letters.

  • Include similar looking substitutions, such as the number zero for the letter 'O' or $ for the letter 'S'.

  • Include phonetic replacements, such as 'Luv 2 Laf' for 'Love to Laugh.'

  • Don't make your password all numbers, all uppercase letters, or all lowercase letters.

  • Find ways of collecting random letters and numbers, such as opening books, looking at license plates or taking the third letter from the first ten words you see.

  • Don't use repeating characters (aa11).

  • Don't use a password that is listed as an example of how to pick a good password.

Of course, you could pick the best password in the world but if websites continue to store user information in plain-text files, then vulnerabilities will still exist. 

Photo credit: Dave Bleasdale via Flickr.

IDC: Smartphone shipments ready to stabilise in 2019
IDC expects year-over-year shipment growth of 2.6% in 2019, while the world's largest market is still forecast to be down 8.8% in 2018.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
New app conducts background checks on potential tenants
Landlords and house owners need to obtain a tenant’s full name, date of birth, email address, and mobile number in order to conduct the search. And most importantly, they have to get the tenant’s permission first.
GirlBoss wins 2018 YES Emerging Alumni of the Year Award
The people have spoken – GirlBoss CEO and founder Alexia Hilbertidou has been crowned this year’s Young Enterprise Scheme (YES) Emerging Alumni of the Year.
IDC: Standalone VR headset shipments grow 428.6% in 3Q18
The VR headset market returned to growth in 3Q18 after four consecutive quarters of decline and now makes up 97% of the combined market.
Meet Rentbot, the chatbot that can help with tenancy law
If you find yourself in a tricky situation  - or if you just want to understand your rights as a landlord or tenant, you can now turn to a chatbot for help.
PlayerUnknown’s Battlegrounds (PUBG) finally releases on PS4
PUBG on PS4 feels like it’s still in Early Access as the graphics look horribly outdated and the game runs poorly too. 
How AI can fundamentally change the business landscape
“This is an extremely interesting if not pivotal time to discuss how AI is being deployed and leveraged, both in business and at home.”