10 Most Commonly Used Passwords Online

23 comments

In PC Magazine's upcoming May 8th issue they list the 10 most commonly used passwords online - if you are using any of these please turn off your computer immediately, go take a nap and then download this add-on for FireFox

1. password
2. 123456
3. qwerty
4. abc123
5. letmein
6. monkey
7. myspace1
8. password1
9. blink182
10. (your first name)

Via the Chicago Tribune

Comments

Using a weak password is stupid.

Mine are usually so tough I just have to remember to write it on a sticky note and stick it to my computer monitor:)

On a more serious note, do other folks here use password programs to store the ridiculous amount of passwords you need these days? I've used anypassword in the past, and was pretty happy with it. I mentioned it to an seo buddy, and being the tin-foil hatter he is, was worried about their being a backdoor to it, or a hack or something where he'd be MORE likely to lose his passes (versus just using the same ones over and over everywhere).

I've also heard a lot of folks happy with roboform for many tasks. What's everyone's solution to the password dilemma?

Safeguarding your password.

Dude,

You should check http://www.schneier.com/passsafe.html - that one gets raved about...

-Bob

Eternal tradeoff

There's always a tradeoff between convenience and security. It's hard to have both.

I have a stable of maybe a dozen passwords that I rotate from time to time.

I usually let my browsers remember my passwords. What does roboform do that my browsers don't?

Well to be honest I'm a lot

Well to be honest I'm a lot more worried about how they collected this data!!

Did they just mail out their readers asking them what their passwords were?!

On a more serious note, yeah all my passwords are stored in FF. I usually only have a small selection which I rotate that I know. The bigger problem is all our *users* passwords for our hosting platforms and the like. Obviously we can't retrieve them but if one of our users is in the habit of getting us to do their accounts for us then we can retrieve it from FF.

I never store really important stuff like Adwords logins, PayPal logins, etc.

All those are kept on a pad in my desk. Hacker-proof.

(Kidding...)

changeme?

I'm surprised "changeme" didn't make that list. I hear that one all the time.

What's with blink182 being on the top 10?

I can't get to the article (registration required) but I'd love to know how they collected that data too.

Roboform

It took me a little while to get used to Roboform - but now I couldn't live without it. I have one secure password to protect them all and it's saved me a ton of time (close to 100 logins now).

If you store your passwords in FF, they're very easy to retrieve by anyone who has access to your computer since I'm pretty sure they're stored without encryption.

Well to be honest

Quote:
Well to be honest I'm a lot more worried about how they collected this data!!

From the article: Looking back at PC's source material, I'm seeing that this list doesn't seem to derive from any sort of survey data, although who in his right mind would tell a poll-taker his password, right?

Quote:
I can't get to the article (registration required) but I'd love to know how they collected that data too.

Try this from bugmenot

i've been keeping login info

i've been keeping login info on my handheld encrypted, kind of a hassle but pretty secure method.

250 + Passwords on RoboForm

I have been using RoboForm for the last few years and could not live without it. I would say it has almost replaced my bookmarks, since I use it to access and store all the websites that I go to that need logins, which is most of them.

The thing I like about it, is that I have one install on each of my computers and one on a usb stick that I can take with me, and it is pretty easy to sync up using the restore data feature.

Still I use a few passwords mainly, but should probably switch the really difficult ones that are generated by these programs.

wonder what happens when

wonder what happens when Werty loses his USB stick

"wonder what happens when

"wonder what happens when Werty loses his USB stick"

He becomes stuck?

I have been using an open

I have been using an open source password manager (KeePass - http://sourceforge.net/projects/keepass/). Very happy with it!

Password safe

I've used Password Safe by Bruce Schneier for years and thoroughly recommend it.
http://passwordsafe.sourceforge.net/

One password to access the others. It will pick up URLs from the comments field, clears the clipboard if you close it, and encrypts with "TwoFish" algorithm.

Need a password on the fly?

Need a password on the fly? Sing a tune and type in the first letter as you sing, plus a common punctuated suffix:

"Oh I wish I was in Dixie" --> OIWIWID1,23

"one, two, buckle my shoe" --> 12bms1,23

"hasta la vista, baby" --> hlvb1,23

email yourself "twitter account, dixie 123" and you'll know it's OIWIWID1,23

Password

Been using roboform for years very happy with it. It even lets you print out everything to put in the envelope "do not open unless I get hit by a bus" that's in the bank vault.

(goes back to check John's twitter feed)

Password Keeper

Roboform is great, except they seem to bother you with updates more often than other programs .. in fact, had to update Roboform to a new release just a few hours ago.

Eh.

So, where exactly did we come up with this list? It's a bunch of crap.

I've can't think of a time I've ever once seen anyone use passwords such as password, abc123, etc. Though I know many have tried, but 10 most common? I don't really think so.

What I _HAVE_ seen people attempt the most is using their name as their password, and in some cases their username as their password. That is the number one password used (or at least attempted to be used) by people according to my experience in the last 15 years, 5 of which has been in the I.T. field (Internet Services, and Network Administration). At this time I am a network administration for a large corporation with locations all over the United States, Europe, Asia, etc and part of my job is taking care of users in Active Directory. I'm the one person that knows several hundred employees passwords and gets the call when they get locked out, or sometimes I need to ask for their password to do something (as opposed to changing it in AD myself to get something done and annoying them).

The number one password that people ACTUALLY use:
1. variations of the user's name, possibly with a upper case letter and a 1 at the end for example in environments that require strong passwords.

I've seen ONE person in my entire career try to use 123456, 12345, etc. It's definately not #2. Not even #10 in my experience.

The only place that Myspace1 may be used frequently is, you guessed it, Myspace.

What I have actually noticed, working in an environment where we require strong passwords (upper case, lower case, numbers, specific password length), is that people like to use actual words in their password. No suprise there. For example, a color, a food, etc.

Anyway, this list just doesn't cut it. It's basically mindless attention whoring and entirely lacking fact.

Memento

I prefer to tattoo server passwords onto my body; I'm a big guy, so we can keep expanding without it becoming a problem anytime in the future.

RoboForm don't work with Opera

I'm an Opera head so RoboForm won't be in my password maintenance lineup. ;-)

I've used a little known app called Personal Passworder for years now. It's browser independent and can be used on passwords for anything. It's a flexible database so you can make your own fields. I use this program for all my passwords. It's not free, but I haven't found anything better.

I'm looking into a password

I'm looking into a password manager now. I'm glad this thread came up.

Password Agent

Iv found password agent is a secure lightweight password manager. Is paid but trial allows you to store quiet a few. http://www.moonsoftware.com/pwagent.asp. Keep the file on a USB key, plugged in only when you login, keep your passwords over 15 characters and unique for each account and you will find yourself pretty secure..

Web Replay

I've tested many password managers. There are only 2 reliable solutions. First one is Web Replay Password Manager which besides securely keeping the passwords also offers many login automation features. It even allows you to automate logging into the online banking websites using multiple pages login forms.

The second option is indeed Roboform, especially if you wish to auto-fill forms.

My passwords were so hard to

My passwords were so hard to remember, I had to name my kids after them!

Apart from bo**ocks - which was one I had to use when I realised I wasn't gonna have any more kids and every password I chose was already taken!

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.