Contrary to its popularity, "password" is not a good password.
Forget about the usual New Year's resolutions to lose weight, eat healthier, exercise more, and all those other promises that fizzle out by February. A vow we can all keep is to practice better PC security habits, and it starts with picking out passwords that aren't incredibly easy to guess. Need some help? Just have a look at a list of the worst passwords of 2012, as compiled by SplashData.
Look, we're not trying to spark a religious debate here, and if Jesus is your co-pilot, that's wonderful. But turning to 'Jesus' to secure your logins is about as ineffective as protecting your accounts with 'Ninja', which also appears on SplashData's "Worst Passwords of 2012." The self-explanatory list contains five new entries, two of which we just mentioned. What about the rest? Let's have a look.
Ruh-roh, 'Raggy: late yesterday, Nvidia announced that it has battened down the hatches and shut down both its general and Developer forums after a series of hack attacks against the sites. So far, Nvidia's investigation confirms that "unauthorized third parties" gained access to the forum-goers' usernames, email addresses, passwords and public profile information.
Misery loves company, though that probably won't come as much consolation to social networking site LinkedIn, which is now joined by at least two other sites that suffered a serious security breach at the hands of the same band of hackers. Both Last.fm and eHarmony issued separate statements confirming that some user passwords may have been compromised in the recent hacker attack.
If you're a LinkedIn user, you may want to consider changing up your password today, as well as those of any other accounts that share the same login credentials. While nothing has yet been confirmed, LinkedIn said it's currently "looking into reports of stolen passwords," reports of which are flowing through Twitter and other areas of the Internet, as well as on a Russian forum where one member claims he uploaded 6,458,020 hashed passwords.
You're not a rookie on the Internet anymore so it's inexcusable to lock down your online accounts with weaksauce passwords. We're sure your girlfriend's fly, but using her name as a password is a poor security practice, and so is using any of the commonly recognized passwords out there, like 123456 and iloveyou, to name just two. If you're serious about security, you're using multiple passwords that are difficult to guess, which can also be difficult to remember. Symantec wants to help.
Anonymous seems to be moving up in the world. After attacking a global security research firm earlier this week, elements of Anonymous have now announced a hack from a few months ago the compromised SpecialForces.com, a seller of equipment to the military and law enforcement. As per the usual pattern, the stolen data is now available online.
We won’t delve too far into it again – why beat a dead horse? – but research has proven that most people’s passwords suck, plain and simple. Sophisticated geeks may shrug their shoulders and simply laugh at the newbs, but it’s in Microsoft’s interest to build a secure operating system – hence the whole Secure Boot thing. The company’s taking an interesting approach to passwords in the upcoming Windows 8, one that mixes personal pictures and touch/mouse gestures to create a log in experience that Microsoft claims is both faster and more secure than traditional alphanumeric passwords.
There is a lot of emphasis on computer security these days. Strong passwords, encryption, the whole nine yards. Apparently no one told a community called South Houston in Texas, USA. According to various confirmed reports, the municipality was using a simple three-character password to protect its Internet-facing SCADA system, which controls water and sewage systems. This system was accessed by a hacker known only as pr0f as a proof of concept. Yikes.
In case you missed it the first time around, research has already proved that your password probably sucks. That research, by Microsoft MVP Troy Hunt, was based on a sampling of roughly 37,000 leaked Sony Pictures passwords leaked by LulzSec earlier this year. 37,000 password is chump change to Splashdata, the makers of a password management app, who sifted through millions of passwords that were dumped online during the hacktastic year that was 2011 and came up a list of the 25 passwords used most often by hacking victims. Is yours on the list?