A analysis by anti-virus software company security researchers Avast revealed that hackers they seem to be using weak passwords just like everyone else. Using a sample of nearly 40.000 passwords he had collected from years of analysis malware, Avast's Antonín Hýža found that only 10 percent of passwords were secure or better yet difficult to crack.
The remaining samples yielded some interesting statistics data around the password options used by hackers. Almost none of the unique passwords in the samples contained uppercase characters, despite regular warnings from security experts to use a mix of uppercase and lowercase letters in passwords.
Most passwords used English words and phrases that include common variations of pass, root, and hax. The most commonly used word is hack, along with something else. Surprisingly, the average length of the password was just six characters, and only 52 passwords were longer than 12 characters.
Hackers of course could use simple passwords because they are not afraid of attacks by their hacker colleagues, or just to avoid using real passwords. Either way, however, hackers obviously do not use difficult codes.
