{"id":52059,"date":"2012-06-08T16:04:48","date_gmt":"2012-06-08T14:04:48","guid":{"rendered":"http:\/\/mybroadband.co.za\/news\/?p=52059"},"modified":"2012-06-08T16:07:02","modified_gmt":"2012-06-08T14:07:02","slug":"worst-passwords-you-can-use","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/52059-worst-passwords-you-can-use.html","title":{"rendered":"Worst passwords you can use"},"content":{"rendered":"<p>Reports recently surfaced that 6.4 million LinkedIn passwords were stolen. LinkedIn confirmed that some of their members\u2019 passwords were compromised, and asked the affected members to change their passwords.<\/p>\n<p>The <a title=\"LinkedIn\" href=\"http:\/\/mybroadband.co.za\/vb\/showthread.php\/384025-LinkedIn\">LinkedIn<\/a> password hacking news emerged after a file containing 6.5 million unique hashed passwords was posted on an online forum.<\/p>\n<p>According to reports around 200,000 of these passwords were already cracked, which means that the hackers had access to the plain text password which could be used to access the member\u2019s account.<\/p>\n<p>A site called <a href=\"http:\/\/leakedin.org\/\" target=\"_blank\"><strong>LeakedIn.org<\/strong><\/a> was set up where users can check whether their LinkedIn passwords are part of the list of compromised passwords. The service creates a SHA-1 hash of an entered password, and then checks it against the hashed password list to see if your password was leaked (or even cracked).<\/p>\n<p>One of the negative effects of the LinkedIn security breach, explains web expert <a href=\"http:\/\/shiflett.org\/blog\/2012\/jun\/leakedin\" target=\"_blank\">Chris Shiflett<\/a>, is that the growing list of hundreds of thousands of cracked passwords will be used to seed rainbow tables that can be used to crack future password leaks in SHA-1 hash format.<\/p>\n<p>Because it is very difficult to reverse engineer an SHA-1 hash string, but very easy to check whether a certain password corresponds to a SHA-1 hash string (which can hence be used to access an account), it is important to select a strong password.<\/p>\n<p>You must make sure that your password is unlikely to be represented in any password list or dictionary, and is also difficult to fall victim to any brute force attack.<\/p>\n<p>A good starting point is to make sure your password is not among the list of most used (and hence worst) passwords.<\/p>\n<p>SplashData, a provider of password management applications, provided a list of the \u201c25 Worst Passwords of 2011\u201d.<\/p>\n<ol>\n<li>password<\/li>\n<li>123456<\/li>\n<li>12345678<\/li>\n<li>qwerty<\/li>\n<li>abc123<\/li>\n<li>monkey<\/li>\n<li>1234567<\/li>\n<li>letmein<\/li>\n<li>trustno1<\/li>\n<li>dragon<\/li>\n<li>baseball<\/li>\n<li>111111<\/li>\n<li>iloveyou<\/li>\n<li>master<\/li>\n<li>sunshine<\/li>\n<li>ashley<\/li>\n<li>bailey<\/li>\n<li>passw0rd<\/li>\n<li>shadow<\/li>\n<li>123123<\/li>\n<li>654321<\/li>\n<li>superman<\/li>\n<li>qazwsx<\/li>\n<li>michael<\/li>\n<li>football<\/li>\n<\/ol>\n<p>SplashData suggests making passwords more secure with these tips:<\/p>\n<ul>\n<li>Use passwords of eight characters or more with mixed types of characters. One way to create longer, more secure passwords that are easy to remember is to use short words with spaces or other characters separating them. For example, &#8220;eat cake at 8!&#8221; or &#8220;car_park_city?&#8221;<\/li>\n<li>Avoid using the same username\/password combination for multiple websites. Especially risky is using the same password for entertainment sites that you do for online e-mail, social networking, and financial services. Use different passwords for each new website or service you sign up for.<\/li>\n<li>Having trouble remembering all those different passwords? Try using a password manager application that organizes and protects passwords and can automatically log you into websites.<\/li>\n<\/ul>\n<p><strong>Related articles<\/strong><\/p>\n<p><a title=\"Beware saving passwords in your browser\" href=\"http:\/\/mybroadband.co.za\/news\/security\/41385-beware-saving-passwords-in-your-browser.html\"><strong>Beware saving passwords in your browser<\/strong><\/a><\/p>\n<p><a title=\"Do you have a weak password or PIN?\" href=\"http:\/\/mybroadband.co.za\/news\/security\/31546-do-you-have-a-weak-password-or-pin.html\"><strong>Do you have a weak password or PIN?<\/strong><\/a><\/p>\n<p><a title=\"Most common SSH passwords revealed\" href=\"http:\/\/mybroadband.co.za\/news\/general\/15215-most-common-ssh-passwords-revealed.html\"><strong>Most common SSH passwords revealed<\/strong><\/a><\/p>\n<p><a title=\"Military strength password? Think again!\" href=\"http:\/\/mybroadband.co.za\/news\/security\/32308-military-strength-password-think-again.html\"><strong>Military strength password? Think again!<\/strong><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>If your password is in the list of worst passwords to use, it is time to change it now<\/p>\n","protected":false},"author":23,"featured_media":31704,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_sma_x_autopost_status":"idle","_sma_x_autopost_error":"","_sma_x_post_id":"","_sma_x_attempts":0,"footnotes":""},"categories":[27],"tags":[35,3666,3676,12405],"class_list":["post-52059","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-headline","tag-linkedin","tag-passwords","tag-splashdata"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/52059"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/23"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=52059"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/52059\/revisions"}],"predecessor-version":[{"id":52087,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/52059\/revisions\/52087"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/31704"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=52059"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=52059"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=52059"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}