Most commonly-used online passwords in the world

Lord Farquart

Expert Member
Joined
Nov 27, 2012
Messages
4,720
Back in the NT4.0 days, when I was doing my MCSE, I was told the most common administrator username was God.
 

Fulcrum29

Honorary Master
Joined
Jun 25, 2010
Messages
45,060
Back in the NT4.0 days, when I was doing my MCSE, I was told the most common administrator username was God.

Most common... that is a extremely bad policy. That admin will be gone in my books.

Over the past 10 years the most common password I get in every organisation is P@ssw0rd with variations like P@ssw0rd1 etc. I also noticed that certain AD administrators as per the abovementioned has no policies in place and will simply setup user accounts with the very same username and password. Anyway...
 

Mike Hoxbig

Honorary Master
Joined
Apr 25, 2010
Messages
38,070
Most common... that is a extremely bad policy. That admin will be gone in my books.

Over the past 10 years the most common password I get in every organisation is P@ssw0rd with variations like P@ssw0rd1 etc. I also noticed that certain AD administrators as per the abovementioned has no policies in place and will simply setup user accounts with the very same username and password. Anyway...
It's only common because of the 'strong' password policies that have been enforced. It's difficult for people to remember, so they choose something that meets the minimum requirement, and it's not much more secure anyway. Whereas four normal words provides far better security, and it's easy to remember, as the pic above shows. I'd rather have a password requirement of 25 characters, with no restriction on special characters and capitalisation...
 

Fulcrum29

Honorary Master
Joined
Jun 25, 2010
Messages
45,060
It's only common because of the 'strong' password policies that have been enforced. It's difficult for people to remember, so they choose something that meets the minimum requirement, and it's not much more secure anyway. Whereas four normal words provides far better security, and it's easy to remember, as the pic above shows. I'd rather have a password requirement of 25 characters, with no restriction on special characters and capitalisation...

I agree, but it will also depend on the stipulated policy as agreed by the entity and the responsibility therein. Audits I had seen... troubling. Users themselves also risk security by being careless with their user privileges (or GPOs in general) shared with others. Yes, this has to do with ITIL etc. and little with personal security. However, personal device users, yoh, they don’t listen until they had been breached.

People like you whom understand risk and security has implemented a personal policy, imprinted into your consciousness. Other people simply don’t understand and is rather slow on reactiveness when a breach occurred, sometimes they don’t even apply a remedy…
 

Easter Bunny

Expert Member
Joined
Feb 14, 2007
Messages
1,725
sentences with capitals, numbers and punctuation work quite well. and in afrikaans. my wife can't log into my pc even if i tell her the password/phrase.
 

dualmeister

Honorary Master
Joined
Oct 15, 2005
Messages
40,612
I use a random password generator these days so I couldn't even tell you what half of them are anymore.

Even if I was tortured :p
 

LCBXX

Honorary Master
Joined
Apr 11, 2006
Messages
15,746
'admin' is still rock solid, not even making the top 25.
 

Bar0n

Executive Member
Joined
Nov 12, 2010
Messages
5,560
Ah man! What was the name of this cartoonist again? He had a cracking good website with a bunch of what if questions...

Somebody already posted xkcd, but his name is Randall Munroe, and he has a (decent and also funny) book out with plenty of the "What If..." questions. You can pick it up at your local Exclusive Books, probably.
 

Aghori

Honorary Master
Joined
May 11, 2009
Messages
13,066
A good password should be at least 16 characters long and should consist of a combination of letters, numbers, symbols,spaces and capitals. Do not use your name or date of birth or ID number or parts thereof. Most of my passwords are 32 characters with alplanumeric keys and some words are in different languages.
 

Impulse_One

Senior Member
Joined
Jan 8, 2014
Messages
559

Replace common words with random gibber. it will be even more secure.

One thing I find disturbing is policies. It won't work in xkcd's case: Where do I put number? Where do I put special char? Aaaaaaand must not contain common words, where xkcd's password fails.

Other thing I strongly despise, limitations like no special characters (- and _ only allowed).
 
Top