Jump to content



Photo

'123456' tops Adobe password list

usa cyber attack data analysis bad habits active users

  • Please log in to reply
18 replies to this topic

#1 Hum

Hum

    totally wAcKed

  • 60,876 posts
  • Joined: 05-October 03
  • Location: Odder Space
  • OS: Windows XP, 7

Posted 06 November 2013 - 04:43

"123456" was the most popular password among the millions of Adobe users whose details were stolen during an attack on the company.

About 1.9 million people used the sequence, according to analysis of data lost in the leak.

Online copies of the data have let security researchers find out more about users' password-creating habits.

The analysis suggests that many people are making it easy for attackers by using easy-to-guess passwords.

On 4 October, Adobe reported that its systems had been penetrated by attackers who had stolen the online credentials for millions of its users.

Early reports suggested about 2.9 million records had been compromised.

On 30 October, this figure was revised, with Adobe saying information about 38 million active users had gone astray.

In total, information about more than 150 million accounts was stolen - but many of the other accounts were disused, abandoned or duplicates.

 

Adobe has now shut down all the compromised accounts, saying it will only reopen them once passwords have been changed.

 

Copies of the data that was exposed by the breach have begun circulating online and inspired security researcher Jeremi Gosney to go through it working out which password was most popular.


Top 20 passwords

    123456
    123456789
    password
    adobe123
    12345678
    qwerty
    1234567
    111111
    photoshop
    123123
    1234567890
    000000
    abc123
    1234
    adobe1
    macromedia
    azerty
    iloveyou
    aaaaaa
    654321

more




#2 sagum

sagum

    Unicorn Doctor

  • 1,710 posts
  • Joined: 09-October 08
  • Location: England
  • OS: Mac OS X 10.9 / Windows 7/8.1
  • Phone: LG E900 & Lumia` 610/520/920

Posted 06 November 2013 - 04:57

That's what happens when you make people register to do stupid simple stuff on your site.



#3 nitins60

nitins60

    Neowinian

  • 485 posts
  • Joined: 20-January 08

Posted 06 November 2013 - 05:12

I guess I am one of them too. I don't need that account, though they ask me to register for every silly thing and I can't remember all :)



#4 +warwagon

warwagon

    Only you can prevent forest fires.

  • 24,759 posts
  • Joined: 30-November 01
  • Location: Iowa

Posted 08 November 2013 - 15:49

A few weeks ago Steve Gibson on Security now said...

 

Steve: And look at the appreciation that really has - it took a long time. But people now understand not to use "password" as their password.

 

 

At the time I heard that I thought, are you kidding me? Who are you talking about, the security now audience or the average user? The average user still uses single dictionary words as their password.

 

I was helping one of my customers set up their ISP email. I asked her I said, "What is your email password" ... she said "Internet".... I said ..umm ....really?

 

One time I got a call from a mother about her son who's Facebook account was hacked. After I walked her through changing the password, I asked her "what was your sons facebook password before?" ... she said "Football"

 

When i'm helping people set up Gmail accounts, I ask them, ok pick a password, they say stuff like... how about "_____" then they will proceed to give me a single dictionary word... I tell them, um NO!



#5 +fusi0n

fusi0n

    The Crazy One

  • 3,493 posts
  • Joined: 08-July 04
  • OS: OSX 10.9
  • Phone: iPhone 5S 64GB

Posted 08 November 2013 - 15:51

####. i guess i need to change my password



#6 +DConnell

DConnell

    Madman with a blue box

  • 1,293 posts
  • Joined: 16-July 04
  • Location: Honey Brook PA
  • OS: Windows 8.1 (and loving it!)
  • Phone: Windows Phone 7

Posted 08 November 2013 - 16:00

"123456" was the most popular password among the millions of Adobe users whose details were stolen during an attack on the company.

 

"That's amazing! I have the same combination on my luggage!"



#7 Geoffrey B.

Geoffrey B.

    LittleNeutrino

  • 15,469 posts
  • Joined: 25-July 05
  • Location: Newark, Ohio
  • OS: Windows 8.1
  • Phone: Nokia Lumia 928

Posted 08 November 2013 - 16:06

it compares nicely to the Security Standard top passwords used in 2013 (at least to start with. then it gets weird)

  1. password
  2. 123456
  3. 12345678
  4. 1234
  5. qwerty
  6. 12345
  7. dragon
  8. pussy
  9. baseball
  10. football
  11. letmein
  12. monkey
  13. 696969
  14. abc123
  15. mustang
  16. michael
  17. shadow
  18. master
  19. jennifer
  20. 111111
  21. 2000
  22. jordan
  23. superman
  24. harley
  25. 1234567


#8 primexx

primexx

    Neowinian Senior

  • 12,579 posts
  • Joined: 24-April 05

Posted 08 November 2013 - 21:21

where do i obtain a copy of the dump? I need to verify what password I used on it and the Adobe login screen right now just resets everything whether you typed in a correct or wrong old password.



#9 JJ_

JJ_

    Neowinian

  • 664 posts
  • Joined: 31-July 05

Posted 08 November 2013 - 21:31

My neowin password is on that list :woot:



#10 Skin

Skin

    Neowinian

  • 1,054 posts
  • Joined: 11-April 07

Posted 08 November 2013 - 21:34

Wait, they said the passwords were encrypted. Does this mean that they cracked the encryption, or stole the keys as well? Or just brute forced the ones above?



#11 threetonesun

threetonesun

    Neowinian Senior

  • 11,943 posts
  • Joined: 26-February 02

Posted 08 November 2013 - 21:39

 

it compares nicely to the Security Standard top passwords used in 2013 (at least to start with. then it gets weird)

 

I think it gets weird at dragon. A lot of the later ones I understand, but dragon?  :dog:

 

I do like *****. It's like millions of people think they're clever by turning asterisks into asterisks. Obviously that's at least ten times more secure.



#12 +LimeMaster92

LimeMaster92

    LippyZillaD Council ( ͡° ͜ʖ ͡°)

  • 7,325 posts
  • Joined: 28-August 10
  • Location: On a laptop
  • OS: Windows 8.1 Pro RTM with Media Center x64
  • Phone: Nokia Lumia 920

Posted 08 November 2013 - 21:53

Some of the top Adobe account passwords seem a bit random like azerty and iloveyou. :huh: :laugh:



#13 +Lovell

Lovell

    ,l,(-.-),l,

  • 1,614 posts
  • Joined: 14-November 03
  • Location: Great Britain

Posted 08 November 2013 - 22:00

Some of the top Adobe account passwords seem a bit random like azerty and iloveyou. :huh: :laugh:

 

 

The French have AZERTY keyboards rather than QWERTY, I ####ing hate passwords, personally I prefer Google and Steams way of sending out a text or an email to confirm when you login.



#14 XorpiZ

XorpiZ

    Neowinian

  • 199 posts
  • Joined: 13-July 12

Posted 08 November 2013 - 22:06

I guess I am one of them too. I don't need that account, though they ask me to register for every silly thing and I can't remember all :)

 

Basically this. There's no secret info in your Adobe-account (unless you're a CC-subscriber, but there aren't too many of those), so there's really no need for a secure password.

 

I couldn't care less, if someone broke into my Adobe-account and downloaded trials using my login. 



#15 +LimeMaster92

LimeMaster92

    LippyZillaD Council ( ͡° ͜ʖ ͡°)

  • 7,325 posts
  • Joined: 28-August 10
  • Location: On a laptop
  • OS: Windows 8.1 Pro RTM with Media Center x64
  • Phone: Nokia Lumia 920

Posted 08 November 2013 - 22:09

The French have AZERTY keyboards rather than QWERTY, I ****ing hate passwords, personally I prefer Google and Steams way of sending out a text or an email to confirm when you login.

Interesting, never would have thought the French would have different keyboards, but I guess it makes sense. :) Also, I prefer passwords, but I can see why you prefer other methods.





Click here to login or here to register to remove this ad, it's free!