Close X
Friday, November 22, 2024
ADVT 
Tech

32 Passwords You Should Never Use Unless You Are Begging To Be Hacked

Darpan News Desk IANS, 01 Nov, 2019 06:15 PM

    In what may have been an exhaustive ordeal, security researchers have dug deep into the dark web, forums, social networks, chat channels and website that are hidden from regular web browsers where stolen data such as credentials are commonly traded between cybercrimanls.


    The researchers have stated that there are more than 21 million credentials that belong to Fortune 500 companies with 95 per cent of these included in plaintext passwords that were either stored unencrypted or cracked by cybercriminals.

     

    The ImmuniWeb researchers analysed nearly 20 million passwords and claim that only 4.9 million were unique.


    Out of the remaining, some of the passwords were commonly used than others.


    As per a related report by Forbes, Davey Winder states, “the research also revealed some interesting facts on an industry by industry basis. Retail was by far and away the industry with the weakest passwords, being those under eight characters, dictionary words, or system defaults.


    The following four sectors were much more closely grouped and were as follows: telecommunications, industrials, transportation, and financials.”


    The industries with the highest number of stolen credentials were quite alarming. Technology was at the highest with 5 million exposed passwords. This was followed by financials with 4.9 million passwords. After this, healthcare at 1.9 million, industrials at 1.8 million and energy at 1.7 million.


    The report adds that about 42 per cent of all the stolen passwords were linked in one way or the other to the company name concerned or the breached resource. It comes as no surprise then that attackers were able to “brute-force” these passwords “which means they could have a computer program try every dictionary word and common variations using numerical or special character replacements until the password was found.”


    Ilia Kolochenko, CEO and founder of ImmuniWeb states, “The disastrous situation with weak passwords may first appear to be easily addressable by standard technical means. however, in light of the wide and dynamic spectrum of corporate and third-party systems handling confidential or sensitive data, this task becomes virtually unfeasible."


    To this effect Winder states that this is true as several organisations have no concrete means to authorize password policies of their IT providers and partners which in turn exposes the corporate accounts to weak passwords which eventually leads to compromises.


    Kolochenko says, “Two-factor authentication (2FA) is no panacea. worse, as some researches have recently demonstrated, may undermine security if incorrectly implemented." He recommends, “Holistic visibility of your digital assets and data, coherent identity and access management (IAM) program covering third-parties and third-party risk mitigation strategy are essential to protect your organization.”


    Here is a look at the 32 passwords you should never use:


    000000

    111111

    112233

    123456

    12345678

    123456789

    1qaz2wsx

    3154061

    456a33

    66936455

    789_234

    aaaaaa

    abc123

    career121

    carrier

    comdy

    cheer!

    cheezy

    Exigent

    old123ma

    opensesame

    pass1

    passer

    passw0rd

    password

    password1

    penispenis

    snowman

    soccer1

    student

    welcome

    !qaz1qaz

     

    MORE Tech ARTICLES

    A Beginner’s Guide to Airbnb

    A Beginner’s Guide to Airbnb
    Since it’s inception in 2008, Airbnb has grown into one of the biggest disrupters of the hotel industry

    A Beginner’s Guide to Airbnb

    British Columbia Bullish On Indian Tech Firms: Jinny Sims

    British Columbia Bullish On Indian Tech Firms: Jinny Sims
    Meet Jinny Jogindera Sims, who was born in Jalandhar in Punjab and migrated at age nine to England where she got a B.Ed degree at the University of Manchester.

    British Columbia Bullish On Indian Tech Firms: Jinny Sims

    Death Of The Password? New Web Standard Trades Passcodes For Biometrics

    "Over time I saw there was a convenience there and I was able to learn what was happening," she says.

    Death Of The Password? New Web Standard Trades Passcodes For Biometrics

    Facebook Deploys ‘Secret Police’ Led By Indian-American Sonya Ahuja To Catch Leakers

    Facebook Deploys ‘Secret Police’ Led By Indian-American Sonya Ahuja To Catch Leakers
    Mark Zuckerberg hosts weekly meetings where he shares details of unreleased new products and strategies in front of thousands of employees, the report said.

    Facebook Deploys ‘Secret Police’ Led By Indian-American Sonya Ahuja To Catch Leakers

    Twitter Appoints IIT-Bombay Alumnus Parag Agrawal As New CTO

    Twitter Appoints IIT-Bombay Alumnus Parag Agrawal As New CTO
    Twitter has appointed distinguished engineer Parag Agrawal, an alumnus of Indian Institute of Technology-Bombay (IIT-B), as its Chief Technology Officer, according to an update at the microblogging site.

    Twitter Appoints IIT-Bombay Alumnus Parag Agrawal As New CTO

    Facebook, Google Making Profits From ‘Pop-up’ Brothels: Report

    Britain’s National Crime Agency (NCA) has accused Facebook and Google of raking in profits from “pop-up” brothels on their platforms.

    Facebook, Google Making Profits From ‘Pop-up’ Brothels: Report