Earlier this month the user password database for Gawker Media was hacked, exposing over 1.3 million users who had registered to post comments on one of several Gawker websites (Gawker, Lifehacker, Gizmodo, etc.). The hackers ultimately posted the hacked information for several thousand accounts online for anyone to download and view. More information on the hack can be found here.

After the hacked information was posted online, multiple sources jumped on the opportunity to analyze it. Depending on what you read, the results vary a little, but most agree on the following:

The password “123456” was the most commonly found, having been used by an estimated 3,057 different accounts. The password “password” came in second, being used 2,188 times. The password “12345678” was used 1,205 times. A longer list of the most commonly used passwords appears at the bottom of this news item. We’ve also previously posted a top 500 password list.

Now one can make a big assumption here: this was “just a commenting account,” so people may not have cared if their passwords were discovered. It’s not like it gave access to their bank or other financial information. The more you think about this, the more you begin to realize this is a very bad assumption. It was also proven to be a bad assumption by the number of Twitter accounts hacked into using the same username / password combinations found in the Gawker database. Obviously people were using the same username / password combination on more than one site.

People do this frequently. I don’t know how to spell it out for you more than to say this is a big part of what we do for a living. We get paid to (legally) break into people’s password-protected items. One of the first steps we use is to crack the easy passwords and then apply them to the hard-to-crack ones.

Do yourself a favor and don’t use the same password.

The list below is one estimate of the number of users (first column) and the password associated with their accounts.

Who knew monkey, dragon and baseball were so popular?

2188 password
1205 12345678
696 qwerty
498 abc123
459 12345
441 monkey
413 111111
385 consumer
376 letmein
351 1234
318 dragon
307 trustno1
303 baseball
302 gizmodo
300 whatever
297 superman
276 1234567
266 sunshine
266 iloveyou
262 fuckyou
256 starwars
255 shadow
241 princess
234 cheese
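The reuse problem described above can be checked on your own accounts. The following is an added example, not code from the original article: a small Python audit that flags passwords from the list above, exact reuse across sites, and near-reuse that differs only by case or trailing digits. The site names, vault entries and function names are constructed for illustration.

```python
import hashlib
from collections import defaultdict

# From this page's list, plus "123456" (named in the article as most common).
COMMON = {
    "123456", "password", "12345678", "qwerty", "abc123", "12345", "monkey",
    "111111", "consumer", "letmein", "1234", "dragon", "trustno1", "baseball",
    "gizmodo", "whatever", "superman", "1234567", "sunshine", "iloveyou",
    "starwars", "shadow", "princess", "cheese",
}

def base_form(password):
    """Lowercase and drop trailing digits/punctuation, so 'Dragon1!' -> 'dragon'."""
    lowered = password.lower()
    stripped = lowered.rstrip("0123456789!@#$%^&*.?_-")
    return stripped or lowered  # all-digit passwords such as '123456' stay as-is

def is_common(password):
    return password.lower() in COMMON or base_form(password) in COMMON

def _fingerprint(text):
    # Group by hash so the report never holds a plaintext password.
    return hashlib.sha256(text.encode("utf-8")).hexdigest()[:12]

def audit(vault):
    """vault: iterable of (site, password). Returns findings keyed by type."""
    exact, near, common = defaultdict(set), defaultdict(set), set()
    for site, password in vault:
        exact[_fingerprint(password)].add(site)
        near[_fingerprint(base_form(password))].add(site)
        if is_common(password):
            common.add(site)
    reused = sorted(sorted(s) for s in exact.values() if len(s) > 1)
    # Near-reuse: same base word on several sites, not already an exact match.
    variants = sorted(sorted(s) for s in near.values()
                      if len(s) > 1 and sorted(s) not in reused)
    return {"common": sorted(common), "reused": reused, "variants": variants}

# Constructed sample vault (hypothetical sites and passwords).
SAMPLE_VAULT = [
    ("comments.example", "monkey"),
    ("microblog.example", "monkey"),
    ("mail.example", "Sunshine2010!"),
    ("bank.example", "vR7#qLp2-tm9Xw"),
    ("forum.example", "vr7#qlp2-tm9xw1"),
]

if __name__ == "__main__":
    print(audit(SAMPLE_VAULT))
```

Any site that appears under `reused` or `variants` together with a low-value account is exposed if that low-value account's password leaks.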

An interesting tip on how to generate and store unique passwords by writing them down and carrying them in your pocket.

How I’d Hack Your Password

How to Audit and Update Your Passwords

4 Tips to keep your password secure.

