A password in that cloud stood out to me: heka6w2. I downloaded the list, and it’s the 421st most common password. The ones around it are pretty mundane: mark and copper. But “heka6w2” is odd. Is it possible that a prolific and not very careful spammer has made so many fake accounts that his password is more popular than, say “america” (#437)?
1 Like
In all the identity theft stories I have seen the perp ussually:
- uses a reset password feature and guesses a secret question
- Steals data from the company
- fishes people into entering their password into a fake site
Long hard to remember passwords don’t really help with those things. Really what you should be doing is eliminating the question feature from the password reset and when you sign on, focus on the site and not some long series of random numbers and letters.
Also, I think you would probably find lots of people create multiple dummy accounts that contain very little personal information. Those probably account for a significant number of the “password” passwords.
I would be really interested to see where the weak points in the system actually are and how we can do more to correct them.
I know I have quite a few accounts with trivial passwords. I also have fairly decent passwords on accounts that matter to me.
I just don’t care that much if those accounts get compromised, and I won’t be bothered to remember a complex password for them.
Slashdot? VW forum? Reddit? Hell, even Yahoo! email? Yeah, impersonate me. Go for it. Have fun!
My banks and credit cards? Passwords I can remember but they’re lengthy and non-dictionary.
My first thought was that heka (or hecka) is a variation of hella, but I do not know about the rest of the letters so …
This topic was automatically closed after 5 days. New replies are no longer allowed.
