19 posts in this topic

Posted

"123456" was the most popular password among the millions of Adobe users whose details were stolen during an attack on the company.

About 1.9 million people used the sequence, according to analysis of data lost in the leak.

Online copies of the data have let security researchers find out more about users' password-creating habits.

The analysis suggests that many people are making it easy for attackers by using easy-to-guess passwords.

On 4 October, Adobe reported that its systems had been penetrated by attackers who had stolen the online credentials for millions of its users.

Early reports suggested about 2.9 million records had been compromised.

On 30 October, this figure was revised, with Adobe saying information about 38 million active users had gone astray.

In total, information about more than 150 million accounts was stolen - but many of the other accounts were disused, abandoned or duplicates.

 

Adobe has now shut down all the compromised accounts, saying it will only reopen them once passwords have been changed.

 

Copies of the data that was exposed by the breach have begun circulating online and inspired security researcher Jeremi Gosney to go through it working out which password was most popular.


Top 20 passwords

    123456
    123456789
    password
    adobe123
    12345678
    qwerty
    1234567
    111111
    photoshop
    123123
    1234567890
    000000
    abc123
    1234
    adobe1
    macromedia
    azerty
    iloveyou
    aaaaaa
    654321

more

Share this post


Link to post
Share on other sites

Posted

That's what happens when you make people register to do stupid simple stuff on your site.

8 people like this

Share this post


Link to post
Share on other sites

Posted

I guess I am one of them too. I don't need that account, though they ask me to register for every silly thing and I can't remember all :)

Share this post


Link to post
Share on other sites

Posted

A few weeks ago Steve Gibson on Security now said...

 

Steve: And look at the appreciation that really has - it took a long time. But people now understand not to use "password" as their password.

 

 

At the time I heard that I thought, are you kidding me? Who are you talking about, the security now audience or the average user? The average user still uses single dictionary words as their password.

 

I was helping one of my customers set up their ISP email. I asked her I said, "What is your email password" ... she said "Internet".... I said ..umm ....really?

 

One time I got a call from a mother about her son who's Facebook account was hacked. After I walked her through changing the password, I asked her "what was your sons facebook password before?" ... she said "Football"

 

When i'm helping people set up Gmail accounts, I ask them, ok pick a password, they say stuff like... how about "_____" then they will proceed to give me a single dictionary word... I tell them, um NO!

Share this post


Link to post
Share on other sites

Posted

######. i guess i need to change my password

1 person likes this

Share this post


Link to post
Share on other sites

Posted

"123456" was the most popular password among the millions of Adobe users whose details were stolen during an attack on the company.

 

"That's amazing! I have the same combination on my luggage!"

2 people like this

Share this post


Link to post
Share on other sites

Posted

it compares nicely to the Security Standard top passwords used in 2013 (at least to start with. then it gets weird)

  1. password
  2. 123456
  3. 12345678
  4. 1234
  5. qwerty
  6. 12345
  7. dragon
  8. ######
  9. baseball
  10. football
  11. letmein
  12. monkey
  13. 696969
  14. abc123
  15. mustang
  16. michael
  17. shadow
  18. master
  19. jennifer
  20. 111111
  21. 2000
  22. jordan
  23. superman
  24. harley
  25. 1234567

Share this post


Link to post
Share on other sites

Posted

where do i obtain a copy of the dump? I need to verify what password I used on it and the Adobe login screen right now just resets everything whether you typed in a correct or wrong old password.

Share this post


Link to post
Share on other sites

Posted

My neowin password is on that list :woot:

Share this post


Link to post
Share on other sites

Posted

Wait, they said the passwords were encrypted. Does this mean that they cracked the encryption, or stole the keys as well? Or just brute forced the ones above?

Share this post


Link to post
Share on other sites

Posted

 

it compares nicely to the Security Standard top passwords used in 2013 (at least to start with. then it gets weird)

 

I think it gets weird at dragon. A lot of the later ones I understand, but dragon?  :dog:

 

I do like *****. It's like millions of people think they're clever by turning asterisks into asterisks. Obviously that's at least ten times more secure.

Share this post


Link to post
Share on other sites

Posted

Some of the top Adobe account passwords seem a bit random like azerty and iloveyou. :huh::laugh:

Share this post


Link to post
Share on other sites

Posted

Some of the top Adobe account passwords seem a bit random like azerty and iloveyou. :huh::laugh:

 

 

The French have AZERTY keyboards rather than QWERTY, I ######ing hate passwords, personally I prefer Google and Steams way of sending out a text or an email to confirm when you login.

Share this post


Link to post
Share on other sites

Posted

I guess I am one of them too. I don't need that account, though they ask me to register for every silly thing and I can't remember all :)

 

Basically this. There's no secret info in your Adobe-account (unless you're a CC-subscriber, but there aren't too many of those), so there's really no need for a secure password.

 

I couldn't care less, if someone broke into my Adobe-account and downloaded trials using my login. 

Share this post


Link to post
Share on other sites

Posted

The French have AZERTY keyboards rather than QWERTY, I ****ing hate passwords, personally I prefer Google and Steams way of sending out a text or an email to confirm when you login.

Interesting, never would have thought the French would have different keyboards, but I guess it makes sense. :) Also, I prefer passwords, but I can see why you prefer other methods.

Share this post


Link to post
Share on other sites

Posted

My neowin password is on that list :woot:

logging in & posting poRn ... :shifty:

Share this post


Link to post
Share on other sites

Posted

logging in & posting poRn ... :shifty:

Now they'll know it's you, if that happens. :p
1 person likes this

Share this post


Link to post
Share on other sites

Posted

I think everyone hates password system that we have now a days. So many problems with it.  We need a better solution.

Share this post


Link to post
Share on other sites

Posted

I don't sign up for bs like that. I find a alternative way around it and if there isn't one oh well. Adobe in general is horrible.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.