We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

LulzSec E-mail Hack Proves We're Lousy at Picking Passwords

We can all learn a lesson from the recent hacks: Even if your password wasn't exposed, change it to something stronger.

Whether you think LulzSec is doing us a favor for exposing our security weaknesses or think the hacker group has gone too far, a very old lesson can be learned here: we need to create stronger passwords. New analysis of the 62,000 logins LulzSec made publicly available reveals, yet again, our seriously weak password habits.

This certainly isn't the first time we've seen how poor some of our passwords are. Last January, one study revealed the most typical passwords used by the 32 million accounts hacked on RockYou.com were "123456" and "password". In December, analysis of 188,279 passwords stolen from Gawker showed those two passwords again as the most commonly used.

The top passwords from the LulzSec dump, according to an analysis by programmer Aviv Ben-Yosef? You guessed it: "123456", followed by "123456789" and in third place, "password".

Other top passwords from the LulzSec sample contained common words like "romance" and mystery," perhaps revealing also some users' desire for thing whole login thing to be less mundane. Other users went the simple route: about 20 percent of the passwords were all numbers.

Despite password best practices-using a mix of uppercase letters, numbers, and special characters-only 2 percent of the LulzSec passwords contained capital letters and a mere 0.85 percent contained special characters.

Ludicrous, right? If you're reading this, you probably don't need to be reminded of how imperative it is to create strong passwords and not use the same login everywhere. You probably do, however, know someone (or many people) who could benefit from you forwarding them some good old password advice, like using password managers to build better passwords (without going crazy) and how adding "789" at the end of "123456" does not make a password more secure.

Follow Melanie Pinola (@melaniepinola) and Today@PCWorld on Twitter.


IDG UK Sites

Where to buy iPhone 6 and iPhone 6 Plus in the UK: Launch day price, deals and contracts

IDG UK Sites

Is Apple losing confidence in itself?

IDG UK Sites

Professional photo and video techniques for perfect colours

IDG UK Sites

How (and where) to buy an iPhone 6 or iPhone 6 Plus in the UK. Plus: What to do if you pre-ordered...