People use stupid passwords; it is a fact we've known since passwords became important for accessing online services. At the end of last month, cybercriminals hacked Adobe's systems and exposed 130 million encrypted passwords. Yet the encryption was so weak that almost all of the passwords have now been converted into plain text equivalents. This is because Adobe used the Triple DES (3DES) encryption algorithm, according to Softpedia, and this algorithm provides some clues to what the password might be. Combine that with the fact that Adobe's database also contained password hints, and it has been very easy for security experts to crack these passwords.
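The following is an added example, not code from the original article or from Adobe. It assumes the "clue" is that a single-key, unsalted scheme stores equal passwords as equal values, which lets hints from many users pool on one entry; HMAC stands in for 3DES (Python's standard library has no DES), and the key, records and function names are constructed.

```python
import hashlib
import hmac
import os
from collections import defaultdict

SITE_KEY = b"constructed-demo-key"  # assumption: one key protects every record

# Constructed sample rows: (user, password, hint). Not real breach data.
RECORDS = [
    ("u1", "123456", "one to six"),
    ("u2", "123456", "numbers in order"),
    ("u3", "adobe123", "company plus 123"),
    ("u4", "123456", "first six digits"),
    ("u5", "adobe123", "site name and digits"),
    ("u6", "T7#qv!Lm2x", ""),
]

def deterministic_token(password):
    """Stand-in for single-key, unsalted encryption: same input, same output."""
    return hmac.new(SITE_KEY, password.encode(), hashlib.sha256).hexdigest()[:16]

def salted_hash(password):
    """Per-record random salt + PBKDF2: equal passwords store as unrelated values."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)
    return salt.hex() + "$" + digest.hex()

def build_store(protect):
    """Apply a protection function to every constructed record."""
    return [(user, protect(pw), hint) for user, pw, hint in RECORDS]

def audit_shared_values(store):
    """Return {stored_value: [(user, hint), ...]} for values shared by 2+ users."""
    groups = defaultdict(list)
    for user, value, hint in store:
        groups[value].append((user, hint))
    return {v: members for v, members in groups.items() if len(members) > 1}

if __name__ == "__main__":
    for name, protect in (("deterministic", deterministic_token), ("salted", salted_hash)):
        shared = audit_shared_values(build_store(protect))
        print(name, "-> values shared by several users:", len(shared))
        for value, members in shared.items():
            print("  ", value, [hint for _, hint in members])
```

Running the same audit over a real credential table is a quick check that no stored value repeats across accounts.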
Of those 130 million hacked passwords, 1.9 million were “123456”, 0.45 million were “123456789”, 0.35 million were “password” and 0.2 million were “adobe123”. Scrolling down the list below, you can see the usual array of lazy passwords that are as rubbish as they are insecure. It goes without saying that if your password for any website or service can be found below, you really need to change it pretty quickly to something much stronger.
Image #1 courtesy of Adobe and image #2 courtesy of Stricture Consulting Group