We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

LulzSec E-mail Hack Proves We're Lousy at Picking Passwords

We can all learn a lesson from the recent hacks: Even if your password wasn't exposed, change it to something stronger.

Whether you think LulzSec is doing us a favor for exposing our security weaknesses or think the hacker group has gone too far, a very old lesson can be learned here: we need to create stronger passwords. New analysis of the 62,000 logins LulzSec made publicly available reveals, yet again, our seriously weak password habits.

This certainly isn't the first time we've seen how poor some of our passwords are. Last January, one study revealed the most typical passwords used by the 32 million accounts hacked on RockYou.com were "123456" and "password". In December, analysis of 188,279 passwords stolen from Gawker showed those two passwords again as the most commonly used.

The top passwords from the LulzSec dump, according to an analysis by programmer Aviv Ben-Yosef? You guessed it: "123456", followed by "123456789" and in third place, "password".

Other top passwords from the LulzSec sample contained common words like "romance" and mystery," perhaps revealing also some users' desire for thing whole login thing to be less mundane. Other users went the simple route: about 20 percent of the passwords were all numbers.

Despite password best practices-using a mix of uppercase letters, numbers, and special characters-only 2 percent of the LulzSec passwords contained capital letters and a mere 0.85 percent contained special characters.

Ludicrous, right? If you're reading this, you probably don't need to be reminded of how imperative it is to create strong passwords and not use the same login everywhere. You probably do, however, know someone (or many people) who could benefit from you forwarding them some good old password advice, like using password managers to build better passwords (without going crazy) and how adding "789" at the end of "123456" does not make a password more secure.

Follow Melanie Pinola (@melaniepinola) and Today@PCWorld on Twitter.


IDG UK Sites

Best Black Friday 2014 tech deals UK: Latest bargains on phones, tablets, laptops and more this...

IDG UK Sites

Tech trends 2015: 3D printing grows up

IDG UK Sites

10 mind-blowing Oculus Rift experiments that reveal VR's practical potential

IDG UK Sites

Black Friday 2014 UK: Apple deals, Amazon deals & other Black Friday tech offers