I was particularly intrigued by the numbers. Of the 450,000 passwords, close to a half a million, there were 2,925 instances of "12345" being used for the password. That's 3,000 users who had a guessable password. If I ever became a hacker, and wanted to get into someone's account, I would try 12345 as a password.
But there are other choices. As we saw with the LinkedIn crack, a viable percentage used 'linkedin' as the password. In other words, they use the site that they are accessing as the password. Even more simple, in the Yahoo case, 780 people used the word 'password' as their password.
Lax security measures like this make account hacking very easy.
No comments:
Post a Comment