Earlier this month the user password database for Gawker Media was hacked, exposing over 1.3 million users who had registered to post comments on one of several Gawker websites (Gawker, Lifehacker, Gizmodo, etc.). The hackers ultimately posted the hacked information for several thousand accounts online for anyone to download and view. More information on the hack can be found here.
After the hacked information was posted online, multiple sources jumped on the opportunity to analyze it. Depending on what you read, the results vary a little, but most agree on the following:
The password “123456” was the most commonly found, having been used by an estimated 3,057 different accounts. The password “password” came in second, being used 2,188 times. The password “12345678” was used 1,205 times. Click on the read more link at the bottom of this news item to see a longer list of the most commonly used passwords. We’ve also previously posted a top 500 password list.
Now one can make a big assumption here: this was “just a commenting account,” so people may not have cared if their passwords were discovered. It’s not like it gave access to their bank or other financial information. The more you think about this, the more you realize it is a very bad assumption. It was also proven to be a bad assumption by the number of Twitter accounts hacked into using the same username / password combinations found in the Gawker database. Obviously people were using the same username / password combination on more than one site.
People do this frequently. I don’t know how to spell it out for you more than to say this is a big part of what we do for a living. We get paid to (legally) break into people’s password-protected items. One of the first steps we use is to crack the easy passwords and then apply them to the hard-to-crack ones.
Do yourself a favor and don’t use the same password on more than one site.
The list below is one estimate of the number of users and the password associated with their accounts.
Who knew monkey, dragon and baseball were so popular?
An interesting tip on how to generate and store unique passwords by writing them down and carrying them in your pocket.
4 Tips to keep your password secure.