100 worse passwords than Ashley Madison's hack

On September 6th we published for the first time, the 10 worst passwords s from the hack on Ashley Madison's page.

Ένα μήνα μετά τη γνωστοποίηση της παράβασης της ιστοσελίδας Ashley Madison, οι hackers κυκλοφόρησαν το πρώτο πακέτο των κλεμμένων δεδομένων. Οι διευθύνσεις ηλεκτρονικού ταχυδρομείου, κωδικοί πρόσβασης, και οι συναλλαγές που είχαν πραγματοποιηθεί με πιστωτική κάρτα, διέρρευσαν από τις 18 Αυγούστου. Λίγες μέρες μετά εμφανίστηκαν περισσότερα δεδομένα, που συμπεριλάμβαναν: εσωτερικά μηνύματα ηλεκτρονικού ταχυδρομείου με τη μητρική of the website, Avid Media Life.security Ashley Madison Ashley Madison

The tens of millions of passwords, leaked from Ashley Madison's page, were encrypted, with bcrypt. Robert Graham security researcher at Errata Security, Reported on their blog, that the event was a "refreshing change." This means that users with strong passwords are "secure."

But we can not say the same about weak passwords.

Security expert Dean Pierce Reported how he managed to break the encryption of weak passwords with "cracking rig."

The results should not surprise us. Using weak passwords on the site was terrible.

Pierce spent five days running an automated "break" of passwords, and stopped about 0,0006 percent of all data leaked. However, this means 4.000 decrypted passwords.

The most common password was the known "123456", while the so-called "Password"Was ranked second. (You can download the full list from Google Drive, by Pierce.)

It is worth noting that in the case of Ashley Madison, it is not clear at what point in time the data with the passwords leaked. It is likely that the website allowed weak passwords in the first days of its operation, and later required stronger when signing up for the site. .

"It may also be impossible to break any bcrypt password, but given that many users are using weak codes, it does not matter if the passwords are bcrypted and salted. Some will break. "

See 100's worst passwords from Ashley Madison's hack

 

Passwords Times Used
123456 120,511
12345 48,452
Password 39,448
default 34,275
123456789 26,620
QWERTY 20,778
12345678 14,172
abc123 10,869
p *** y 10,683
1234567 9,468
696969 8.801
ashley 8,793
f ** kme 7,893
Football 7,872
baseball 7,710
f ** kyou 7458
111111 7,048
1234567890 6,572
ashleymadison 6,213
password1 5,959
madison 5,219
and ** sticks 5,052
superman 5,023
mustang 4,865
harley 4,815
654321 4,729
123123 4,612
Hello 4,425
monkey 4,296
000000 4,240
hockey 4,191
letmein 4,140
11111 4,077
Friendly 3,936
cheater 3,908
kazuga 3,871
hunter 3,869
shadow 3,831
michael 3,743
121212 3,713
666666 3,704
I love you 3,671
qwertyuiop 3,599
secret 3,522
buster 3,402
Horny 3,389
Jordan 3,368
hosts 3,295
zxcvbnm 3,280
Asdfghjkl 3,174
a 3,156
golden dragon 3,152
987654 3,123
3,087
bigd ** k 3,058
sunshine 3,058
Yankees 2,995
asdfg 2,981
2,963
Batman 2,935
whatever 2,882
charlie 2,860
f ** koff 2,794
money 2,686
pepper 2,656
jessica 2,648
but I do not understand what you wrote 2,617
1qaz2wsx 2,609
987654321 2,606
andrew 2,549
qazwsx 2,526
dallas 2,516
55555 2,501
131313 2,498
abcd1234 2,489
anthony 2,487
steelers 2,470
asdfgh 2,468
jennifer 2,442
killer 2,407
cowboys 2,403
2,395
jordan23 2,390
robert 2,372
maggie 2,357
looking 2,333
Thomas 2,331
George 2,330
2,298
7777777 2,294
amanda 2,273
summer 2,263
qwert 2,263
princess 2,258
creak 2,252
william 2,245
2,237
jackson 2,227
tigger 2,224
2,212

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).