Stolen password analysis reveals bookish trend

17 Jun 2011

British magazine PC Pro took a look through the list of 62,000 email usernames and passwords stolen by LulzSec to see what they could learn about password behaviour. 

Results show a distinct trend towards the bookish, with several common genres and book-related words cropping up. A security expert believed this was because the passwords were leaked from a website for aspiring authors. 

"The next most common password, however, is 'romance', at 88 occurrences (tying with the rather more prosaic '102030'). After that, with 67 occurrences, is 'mystery'.

The theme continues: skipping over some more variations on the numeric theme, other popular passwords include 'shadow' (62), 'bookworm' (54), 'reader' (52), 'reading' (47), 'booklover' (33) and 'library' (26). It all points in a clear direction; and if you’re still doubtful, perhaps the smoking gun is the fact that 30 people have chosen 'writerspace' as their password."

The most commonly used password of all, though, was the predictable '123456', and 'password' came in as the third most common.

Google has the following tips for making sure you pick a good password:

  • Be creative. Don't use words that can be found in a dictionary.

  • Use at least eight characters.

  • Don't use a password that you have used elsewhere.

  • Don't use keyboard patterns (asdf) or sequential numbers (1234).

  • Create an acronym. Don't use a common one, like NASA or SCUBA. Combine it with numbers and punctuation marks.

  • Include punctuation marks and numbers. Mix capital and lowercase letters.

  • Include similar looking substitutions, such as the number zero for the letter 'O' or $ for the letter 'S'.

  • Include phonetic replacements, such as 'Luv 2 Laf' for 'Love to Laugh.'

  • Don't make your password all numbers, all uppercase letters, or all lowercase letters.

  • Find ways of collecting random letters and numbers, such as opening books, looking at license plates or taking the third letter from the first ten words you see.

  • Don't use repeating characters (aa11).

  • Don't use a password that is listed as an example of how to pick a good password.
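
As an added illustration (not code from the article, PC Pro or Google), the mechanically checkable tips above can be turned into a password check that also rejects the passwords the article reports as common. The function names, the four-character run length and the look-alike table are assumptions made for this example.

```python
import re

# Passwords the article reports as common in the leaked list, used as a blocklist.
REPORTED_COMMON = ("123456", "password", "romance", "102030", "mystery", "shadow",
                   "bookworm", "reader", "reading", "booklover", "library",
                   "writerspace")
# Assumed pattern sources: QWERTY keyboard rows and the ascending digit sequence.
PATTERN_SOURCES = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "0123456789")
# Reverse the look-alike substitutions so a disguised common word is still caught.
LOOKALIKES = str.maketrans({"0": "o", "$": "s", "1": "l", "3": "e", "@": "a"})


def has_pattern_run(pw, n=4):
    """True if pw contains n consecutive characters of a pattern source, either direction."""
    low = pw.lower()
    for src in PATTERN_SOURCES:
        for seq in (src, src[::-1]):
            if any(seq[i:i + n] in low for i in range(len(seq) - n + 1)):
                return True
    return False


def check_password(pw):
    """Return the tips a candidate password breaks; an empty list means none of these."""
    low = pw.lower()
    unmasked = re.sub(r"[^a-z]", "", low.translate(LOOKALIKES))
    problems = []
    if len(pw) < 8:
        problems.append("fewer than eight characters")
    if pw.isdigit() or (pw.isalpha() and (pw.islower() or pw.isupper())):
        problems.append("all numbers or all one case")
    if has_pattern_run(pw):
        problems.append("keyboard pattern or sequential numbers")
    if re.search(r"(.)\1", pw):
        problems.append("repeating characters")
    if any(word in low or word in unmasked for word in REPORTED_COMMON):
        problems.append("contains a reported common password")
    return problems


if __name__ == "__main__":
    # Sample candidates: the first two appear in the article, the rest are constructed.
    for candidate in ("123456", "writerspace", "R0m@nce!", "asdfJKL;99", "Tq7#vLp2;Rw"):
        print(f"{candidate!r}: {check_password(candidate) or 'no listed tip broken'}")
```

'R0m@nce!' satisfies the length, case and punctuation tips yet is still rejected, because undoing the look-alike substitutions reveals one of the reported passwords.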

Of course, you could pick the best password in the world, but if websites continue to store user information in plain-text files, then vulnerabilities will still exist.

Photo credit: Dave Bleasdale via Flickr.
