Stop me if you’ve heard this one before. Last year, billions of credentials were exposed due to thousands of data breaches. Many of the companies that were hacked didn’t tell anyone until months after the fact, and the most common password exposed during these breaches was … 123456.
I know, right? Same old story.
At this point, I’d love to tell you that there was something new and exciting about these breaches. In some ways, there is: The poor security used by many large companies is under greater scrutiny than ever before. But in other ways, these exposures reinforce the importance of the advice that’s been around for years: Choose a strong password and, where you can, don’t use a password at all.
The most succinct summary of the scale of data breaches in 2018 comes courtesy of SpyCloud, a firm specializing in security analysis and anti-account takeover solutions. It reports that in 2018 it was able to recover 3.5 billion credentials from 2,882 breached sources and managed to decrypt 87% of the passwords contained in this data.
A deeper analysis reveals more troubling factors. One is that it’s not clear that many of the “data breaches” reported in the press last year were data breaches at all. In some cases, companies merely released data that they had permission to release — for example, Facebook’s controversial “research project,” reported by TechCrunch, that involved releasing a data-mining app (subsequently blocked) to consumers that was intended for internal corporate use under Apple’s licensing agreement. The second worrying issue is the ongoing prevalence of email scams, which still account for the vast majority of hacks for which a worrying number of people still fall.
And then we come to companies’ responses to these breaches. MyFitnessPal, owned by Under Armour, unintentionally shared the credentials of at least 150 million users in a much-publicized hack, but one that only came to light weeks after it had happened. Quora, in a similar attack, had 100 million user names, passwords, and other data stolen.
Now, you might think that MyFitnessPal and Quora are hardly the most important accounts in your life, and that’s true. Neither carries detailed financial information or personal photographs. The problem is that too many people use the same password for these apps as they do for all of their online accounts, and so a breach of even a “low-level” account can have huge consequences both in yielding access to other accounts and driving customers away from the affected company for good.
Password Hashing
It’s also worth looking at how passwords and other information was extracted from the data stolen from Quora and MyFitnessPal.
The stolen data was encrypted, as well it should be. Instead of a plaintext password, the breached information contained hashes of passwords. These are codes generated from passwords by an encryption algorithm, and many companies (including these two, it turns out) think that this makes them secure.
It doesn’t. Or, rather, it would if they were using quality algorithms. Unfortunately, the encryption scheme used by both companies — md5 and sha1, respectively — are now pretty easy for cybercriminals to overcome. There are even free pieces of software that will do this for them.
So, the companies involved in these hacks were certainly at blame, but only partially. A closer look at the data in the breaches also reveals that poor security practices on the part of users also made the hackers’ job a lot easier.
Password Reuse
To see why that is, it’s worth looking at the most common passwords that were exposed during these breaches.
Here they are: 123456 123456789 password qwerty 12345 qwerty123 1q2w3e 123123 111111 12345678 1234567 1234567890 abc123 anhyeuem iloveyou password1 123456789 123321 qwertyuiop 654321 123456 121212 asdasd 666666 zxcvbnm 987654321 112233 123456a 123123123 123qwe 11111111 aaaaaa qwe123 dragon 1234 1q2w3e4r5t reset zinch 25251325 monkey a123456 1qaz2wsx 1q2w3e4r 123654 159753 222222 asdfghjkl 147258369 999999 5201314 123abc qweqwe 456789 555555 7777777 qazwsx princess qwerty1 1111111 football j38ifUbn asdfgh 66bob 888888 163.com 147258 asd123 azerty sunshine 789456 3rJs1la7qE 159357 michael 789456123 88888888 1234qwer daniel Password abcd1234 myspace1 computer 987654321 shadow qqqqqq 1234561 killer superman pokemon 987654 master q1w2e3r4t5y6 baseball 777777 123456789a charlie 11223344 333333 soccer x4ivygA51F
It gets even worse when you realize that the kind of person who uses 123456 as a password is probably using this password for all of their online accounts.
And so the issue is not that someone gets access to a Quora account. It’s that password reuse is still common practice despite the penetration of password management software into the mainstream, nearly all of which uses AES 256-bit encryption. The best advice, besides letting your computer do the managing for you, is to use a variety of strong passwords and never, ever, use 123456, no matter how easy it is to type.
Related Content:
Sam Bocetta is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyber warfare, cyber defense, and cryptography. Previously, Sam was a defense contractor. He worked in close partnership with architects and … View Full Bio
More Insights
Like!! Really appreciate you sharing this blog post.Really thank you! Keep writing.
Thanks for the ideas you have shared here. Yet another thing I would like to express is that laptop or computer memory specifications generally increase along with other breakthroughs in the know-how. For instance, when new generations of processors are made in the market, there is usually an equivalent increase in the shape demands of both the laptop or computer memory plus hard drive space. This is because the software operated by way of these processors will inevitably rise in power to make use of the new technological know-how.
I am usually to blogging and i actually appreciate your content. The article has really peaks my interest. I’m going to bookmark your site and maintain checking for new information.
Hello! I just wanted to ask if you ever have any trouble with hackers? My last blog (wordpress) was hacked and I ended up losing months of hard work due to no back up. Do you have any solutions to prevent hackers?
Rattling good info can be found on site.
Thankyou for this tremendous post, I am glad I detected this internet site on yahoo.
One thing I have actually noticed is that often there are plenty of fallacies regarding the banking companies intentions any time talking about foreclosure. One delusion in particular is the fact that the bank prefers to have your house. The bank wants your hard earned cash, not your property. They want the cash they loaned you together with interest. Averting the bank will draw some sort of foreclosed final result. Thanks for your article.
glad to be one of the visitors on this awe inspiring web site : D.
Hi there to every one, itís in fact a pleasant for me to go to see this website, it includes useful Information.
YouTube video clips are well-known in whole globe, because it is the leading video sharing website, and I turn out to be too cheerful by watching YouTube movies.
I’ve learned newer and more effective things through the blog post. One more thing to I have recognized is that normally, FSBO sellers will reject an individual. Remember, they would prefer to not use your products and services. But if you maintain a steady, professional romance, offering aid and being in contact for about four to five weeks, you will usually be capable to win interviews. From there, a listing follows. Cheers
Can you please send me the code for this script or please inform me in detail regarding this script?
glad to be one of several visitants on this amazing web site : D.
Another issue is that video games are generally serious in nature with the main focus on understanding rather than enjoyment. Although, it comes with an entertainment element to keep your young ones engaged, each one game is often designed to work on a specific group of skills or course, such as mathematics or scientific disciplines. Thanks for your publication.
Really enjoyed this update, can you make it so I get an email whenever you write a new update?
I am really eager of reading posts concerning developing new web site, or even regarding Web optimization.
Can you tell us more about this? I’d love to find out more details.
Hi there, this weekend is pleasant in favor of me, for the reason that this occasion i am reading this fantastic informative post here at my house.
I have observed that in digital cameras, extraordinary receptors help to concentrate automatically. Those sensors regarding some camcorders change in contrast, while others start using a beam of infra-red (IR) light, particularly in low lighting. Higher standards cameras from time to time use a mixture of both methods and probably have Face Priority AF where the video camera can ‘See’ a new face and focus only on that. Thank you for sharing your ideas on this blog.
I am really impressed with your writing skills as well as with the layout on your blog. Is this a paid theme or did you modify it yourself? Either way keep up the nice quality writing, it is rare to see a great blog like this one today..
Hi! Would you mind if I share your blog with my facebook group? There’s a lot of people that I think would really enjoy your content. Please let me know. Thank you
Itís going to be end of mine day, however before end I am reading this fantastic article to improve my experience.
If some one desires to be updated with most recent technologies therefore he must be pay a visit this web page and be up to date daily.
I pay a visit daily some web pages and blogs to read posts, except this website provides feature based posts.
What i do not realize is actually how you’re not really much more well-liked than you might be right now. You’re very intelligent. You realize thus significantly relating to this subject, produced me personally consider it from so many varied angles. Its like women and men aren’t fascinated unless it’s one thing to accomplish with Lady gaga! Your own stuffs excellent. Always maintain it up!
I respect your piece of work, thanks for all the useful posts.
some times its a pain in the ass to read what website owners wrote but this site is real user genial! .
Hahahahahahaha, this politics related YouTube video is truly so comic, I loved it. Thanks designed for sharing this.
Normally I do not learn article on blogs, however I would like to say that this write-up very pressured me to check out and do it! Your writing style has been amazed me. Thank you, quite nice article.
I was reading through some of your articles on this internet site and I think this site is really instructive! Continue posting.
Rattling good information can be found on weblog.
Excellent blog you’ve got here.. It’s difficult to find excellent writing like yours nowadays. I really appreciate individuals like you! Take care!!
Dead written content material, Really enjoyed looking at.
My grand father every time used to watch YouTube humorous video clips, hehehehehe, for the reason that he wishes to be glad always.
Hurrah! Finally I got a blog from where I can actually take valuable facts regarding my study and knowledge.
Okay this YouTube video is much superior than last one, this one has nice picture feature as well as audio.
Hello, everything is going fine here and ofcourse every one is sharing facts, thatís truly good, keep up writing.
What’s Happening i am new to this, I stumbled upon this I’ve found It absolutely useful and it has aided me out loads. I hope to contribute & aid other users like its aided me. Great job.
I am happy that I observed this site, precisely the right info that I was searching for! .
Just want to say your article is as astonishing. The clearness for your put up is just great and that i can think you’re a professional in this subject. Well with your permission allow me to grab your RSS feed to keep updated with approaching post. Thanks a million and please keep up the rewarding work.
You made some respectable factors there. I looked on the web for the problem and located most individuals will go along with with your website.
You can certainly see your skills in the work you write. The world hopes for even more passionate writers such as you who aren’t afraid to mention how they believe. Always go after your heart.
Such are in fact cool YouTube videos, its my good luck to visit this web page and finding these awesome YouTube video tutorials.
I have been reading out a few of your posts and i can state pretty good stuff. I will make sure to bookmark your site.
I’ve come across that now, more and more people will be attracted to video cameras and the issue of taking pictures. However, really being a photographer, you need to first expend so much period deciding which model of video camera to buy and moving via store to store just so you may buy the most economical camera of the brand you have decided to pick. But it isn’t going to end now there. You also have to think about whether you should buy a digital camera extended warranty. Thanks alot : ) for the good guidelines I obtained from your weblog.
I like your writing style truly enjoying this internet site.
Definitely believe that which you stated. Your favorite justification appeared to be on the internet the easiest thing to be aware of. I say to you, I definitely get annoyed while people consider worries that they just do not know about. You managed to hit the nail upon the top as well as defined out the whole thing without having side-effects , people could take a signal. Will likely be back to get more. Thanks
It is the happiest time of my life so far, when I am watching these funny video clips at this place, since after complete day working I was so tired and now feeling well.
Thanks for giving your ideas. I’d personally also like to state that video games have been ever before evolving. Today’s technology and improvements have aided create genuine and enjoyable games. These kinds of entertainment video games were not really sensible when the actual concept was being tried. Just like other designs of technologies, video games also have had to progress through many years. This is testimony for the fast continuing development of video games.
I haven’t checked in here for a while as I thought it was getting boring, but the last handful of posts are really good quality so I guess I’ll add you back to my everyday bloglist. You deserve it my friend. 🙂
Oh! Wow its in fact a comical and jockey YouTube video posted here. thanks for sharing it.
There is noticeably a bundle to find out about this. I assume you made sure nice points in features also.
Thanks for sharing excellent informations. Your website is so cool. I’m impressed by the details that you’ve on this site. It reveals how nicely you understand this subject. Bookmarked this web page, will come back for extra articles. You, my pal, ROCK! I found simply the info I already searched all over the place and just could not come across. What a great website.
I visited several web pages however the audio feature for audio songs present at this web page is actually wonderful.
Pretty section of content. I just stumbled upon your website and in accession capital to assert that I acquire actually enjoyed account your blog posts. Any way I’ll be subscribing to your feeds and even I achievement you access consistently rapidly.
Hi there to all, the contents existing at this site are truly remarkable
for people knowledge, well, keep up the nice work fellows.
I think this is among the most significant information for me. And i am glad reading your article. But wanna remark on some general things, The website style is ideal, the articles is really great : D. Good job, cheers
I simply couldn’t leave your site prior to suggesting that I actually loved the usual information a person supply on your
visitors? Is going to be back frequently in order to check
out new posts
It’s very straightforward to find out any topic on net as compared to books, as I found this piece of writing at this web page.
Saved as a favorite, I love your site!
Hello, i think that i saw you visited my blog thus i got here to go back the prefer?.I’m attempting to
to find things to improve my web site!I suppose its good enough to make use of
a few of your ideas!!