{"id":85422,"date":"2018-02-06T16:42:18","date_gmt":"2018-02-06T21:42:18","guid":{"rendered":"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/index.php\/"},"modified":"2022-03-19T16:33:08","modified_gmt":"2022-03-19T20:33:08","slug":"worst-passwords-2017","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/worst-passwords-2017\/","title":{"rendered":"Worst Passwords &#8211; 2017"},"content":{"rendered":"<p><a href=\"https:\/\/hothardware.com\/news\/elcomsofts-internet-password-breakers-scares-the-crap-out-of-us\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-104089\" title=\"Worst Passwords - 2017\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/Password_Dog-1-e1568325979864-150x118.jpg?resize=128%2C100&#038;ssl=1\" alt=\"Worst Passwords - 2017\" width=\"128\" height=\"100\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/Password_Dog-1-e1568325979864.jpg?resize=150%2C118&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/Password_Dog-1-e1568325979864.jpg?resize=75%2C59&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/Password_Dog-1-e1568325979864.jpg?w=462&amp;ssl=1 462w\" sizes=\"auto, (max-width: 128px) 100vw, 128px\" \/><\/a>Today is &#8220;<strong><a href=\"https:\/\/beinternetawesome.withgoogle.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Safer Internet Day<\/a><\/strong>&#8221; which is needed. Despite the spate of well-publicized hacks, attacks, ransoms, and even extortion attempts, <strong>millions of people continue to use weak, easily guessable passwords<\/strong> to protect their online information. <a href=\"https:\/\/www.splashdata.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">SplashData<\/a>, provider of password management applications has released its annual <a href=\"https:\/\/web.archive.org\/web\/20220508112903\/https:\/\/www.teamsid.com\/wp-content\/uploads\/2017\/12\/Top-100-Worst-Passwords-of-2017a.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">Worst Passwords of the Year<\/a> (NSFW) list. The seventh annual report was compiled from more than five million passwords leaked during 2017.<\/p>\n<p>F<a href=\"https:\/\/www.splashdata.com\/\" target=\"_blank\" rel=\"SplashData logo noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-104093 size-full\" title=\"SplashData logo\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/splashdata_logo.png?resize=133%2C45&#038;ssl=1\" alt=\"SplashData logo\" width=\"133\" height=\"45\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/splashdata_logo.png?w=133&amp;ssl=1 133w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/splashdata_logo.png?resize=75%2C25&amp;ssl=1 75w\" sizes=\"auto, (max-width: 133px) 100vw, 133px\" \/><\/a>or the fourth consecutive year, &#8220;<strong>123456<\/strong>&#8221; and &#8220;<strong>password<\/strong>&#8221; held on to the number 1 and #2 spots on the\u00a0SplashData list. Variations of each, either with extra digits on the numerical string or replacing the &#8220;o&#8221; with a &#8220;0&#8221; in &#8220;password,&#8221; make up six of the top 10 most often used passwords. Morgan Slain, CEO of SplashData warns, <em>&#8220;Hackers know your tricks, and merely tweaking an easily guessable password does not make it secure.<\/em>&#8221;<\/p>\n<h3>Star Wars is popular<\/h3>\n<p><strong><a href=\"https:\/\/www.starwars.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Star Wars<\/a><\/strong> fans were so excited by the recent premiere of &#8220;<a href=\"http:\/\/www.imdb.com\/title\/tt2527336\/\" target=\"_blank\" rel=\"noopener noreferrer\">Star Wars: The Last Jedi<\/a>&#8220;, that they moved &#8220;starwars&#8221; up to #16 on the most frequently used bad passwords list. SplashData&#8217;s Slain observed that it is not a good password.<\/p>\n<p style=\"padding-left: 30px;\"><em> Unfortunately, while the newest episode may be a fantastic addition to the Star Wars franchise, &#8216;starwars&#8217; is a dangerous password to use &#8230; Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words.<\/em><\/p>\n<p>Another problem with many of these bad passwords, they are simply a <strong>straight row of characters across the keyboard<\/strong> making them easy for attackers to guess. Pattern passwords in the bad list include:<\/p>\n<ul>\n<li><a href=\"https:\/\/lenspeaks.blogspot.com\/2015\/08\/the-sunday-memory-drawer-summer-games.html\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright\" title=\"Password\" src=\"https:\/\/i0.wp.com\/3.bp.blogspot.com\/-gjMrbW10s7A\/VbprUx5yquI\/AAAAAAAAOyc\/PVdeqdh_s14\/s400\/password.jpg?resize=294%2C147&#038;ssl=1\" alt=\"Password\" width=\"294\" height=\"147\" \/><\/a>12345<\/li>\n<li>123456<\/li>\n<li>1234567<\/li>\n<li>12345678<\/li>\n<li>123456789<\/li>\n<li>qwerty<\/li>\n<li>qazwsx<\/li>\n<li>1qaz2wsx<\/li>\n<\/ul>\n<h3>SplashData&#8217;s 25 worst passwords of 2017:<\/h3>\n<p style=\"padding-left: 30px;\">1 &#8211; 123456<br \/>\n2 &#8211; password<br \/>\n3 &#8211; 12345678<br \/>\n4 &#8211; qwerty<br \/>\n5 &#8211; 12345<br \/>\n6 &#8211; 123456789<br \/>\n7 &#8211; letmein<br \/>\n8 &#8211; 1234567<br \/>\n9 &#8211; football<br \/>\n<a href=\"https:\/\/web.archive.org\/web\/20210909190836\/http:\/\/www.mythweb.com\/encyc\/entries\/sisyphus.html\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-104095 size-medium\" title=\"Sisyphus\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/sisyphus-e1568326257366-141x150.gif?resize=141%2C150&#038;ssl=1\" alt=\"Sisyphus\" width=\"141\" height=\"150\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/sisyphus-e1568326257366.gif?resize=141%2C150&amp;ssl=1 141w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/sisyphus-e1568326257366.gif?resize=71%2C75&amp;ssl=1 71w\" sizes=\"auto, (max-width: 141px) 100vw, 141px\" \/><\/a>10 &#8211; iloveyou<br \/>\n11 &#8211; admin<br \/>\n12 &#8211; welcome<br \/>\n13 &#8211; monkey<br \/>\n14 &#8211; login<br \/>\n15 &#8211; abc123<br \/>\n16 &#8211; starwars<br \/>\n17 &#8211; 123123<br \/>\n18 &#8211; dragon<br \/>\n19 &#8211; passw0rd<br \/>\n20 &#8211; master<br \/>\n21 &#8211; hello<br \/>\n22 &#8211; freedom<br \/>\n23 &#8211; whatever<br \/>\n24 &#8211; qazwsx<br \/>\n25 &#8211; trustno1<\/p>\n<p>SplashData estimates almost <strong>10% of people<\/strong> have used at least one of the 25 worst passwords on this year&#8217;s list, and nearly <strong>3% of people have used the worst password<\/strong>, 123456.<\/p>\n<p>SplashData offers these tips to be safer from hackers online:<\/p>\n<p style=\"padding-left: 30px;\">1. Use passphrases of twelve characters or more with mixed types of characters including upper and lower cases.<br \/>\n2. Use a different password for each of your website logins. If a hacker gets your password they will try it to access other sites.<br \/>\n3. Protect your assets and personal identity by using a password manager to organize passwords, generate secure random passwords, and automatically log into websites.<\/p>\n<p><strong><em>rb-<\/em><\/strong><\/p>\n<p><em>Sighs &#8211; I covered this again and again &#8230;&#8230;<\/em><\/p>\n<p><em>One <a href=\"https:\/\/www.informationsecuritybuzz.com\/articles\/the-importance-of-strong-passwords\/\" target=\"_blank\" rel=\"noopener noreferrer\">older report<\/a> I&#8217;ve seen says that attackers were able to crack open 254,776 of 499,556\u00a0 (51%) hashed passwords within 24 hours and 439,610 (88%) within two weeks. The same report says that it can only take <strong>one day to crack an eight-character password<\/strong>, while it takes an average of 591 days to crack a 10 character password.\u00a0<\/em><\/p>\n<p><em>Another <a href=\"https:\/\/www.digicert.com\/blog\/3-reasons-for-strong-password-policy\/\" target=\"_blank\" rel=\"noopener noreferrer\">report<\/a> on password hacks points out the value of each additional character in a password. <\/em><\/p>\n<ul>\n<li><em>A 6-character password with only letters has 308,915,776 possible combinations.<\/em><\/li>\n<li><em>An 8-character password with only letters has 208,827,064,576 possible combinations.<\/em><\/li>\n<li><em>An <b>8-character password<\/b> with <b>letters <\/b>(upper &amp; lower case) and includes <b>numbers <\/b>and <b>symbols <\/b>has <b>6,095,689,385,410,816 possible combinations<\/b>.<\/em><\/li>\n<\/ul>\n<p><strong>Related article<\/strong><\/p>\n<ul>\n<li><a href=\"https:\/\/www.buzzfeed.com\/josephbernstein\/survey-says-people-have-way-too-many-passwords-to-remember\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Survey Says: People Have Way Too Many Passwords To Remember<\/a>\u00a0<a href=\"https:\/\/www.buzzfeed.com\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">(BuzzFeed)<\/a><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><em><a title=\"Ralph Bach\" href=\"https:\/\/rbach.net\/index.php\/new-resume\/\" target=\"_blank\" rel=\"noopener noreferrer\">Ralph Bach<\/a>\u00a0has been in IT long enough to know better and has blogged from his\u00a0<a title=\"Bach Seat\" href=\"https:\/\/rbach.net\/\" target=\"_blank\" rel=\"noopener noreferrer\">Bach Seat<\/a> about IT, careers, and anything else that catches his attention since 2005. You can follow him on <a class=\"broken_link\" href=\"http:\/\/www.linkedin.com\/in\/rb48334\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">LinkedIn<\/a>,\u00a0<a href=\"https:\/\/www.facebook.com\/ralph.bach.14\" target=\"_blank\" rel=\"noopener noreferrer\">Facebook<\/a>,\u00a0and\u00a0<a href=\"https:\/\/twitter.com\/rbach48334\" target=\"_blank\" rel=\"noopener noreferrer\">Twitter<\/a>. Email the Bach Seat\u00a0<a href=\"mailto:\/\/bach.seat@gmail.com\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The worst passwords of 2017 were: 123456, password, 12345678, qwerty &#038; 12345 If yours is on that list change it right away<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[3046,3038,2541,951,4,2351,1645,3635],"class_list":["post-85422","post","type-post","status-publish","format-standard","hentry","category-security","tag-3046","tag-best-practices","tag-passwords","tag-pii","tag-security","tag-splashdata","tag-star-wars","tag-worst-practices"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/85422","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/comments?post=85422"}],"version-history":[{"count":8,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/85422\/revisions"}],"predecessor-version":[{"id":132431,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/85422\/revisions\/132431"}],"wp:attachment":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/media?parent=85422"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/categories?post=85422"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/tags?post=85422"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}