Simple passwords easier to hack: Experts
Washington: Simple and easy-to-remember passwords such as "123456" or "iloveu" can allow hackers easy access to the secured zones of internet users, experts warn.
According to a new analysis, one out of five web users still choose a simple, easily guessed password like "abc123", "iloveyou" or even "password" to protect their data.
"I guess it`s just a genetic flaw in humans," said Amichai Shulman, chief technology officer at Imperva, which makes software for blocking hackers. "We`ve been following the same patterns since the 1990s."
Shulman and his company examined a list of 32 million passwords that an unknown hacker stole last month from RockYou, which develops software for users of social networking sites like Facebook and MySpace.
The list was posted on the web, and RockYou advised its customers to change their passwords, as the hackers gained information about their e-mail accounts.
Imperva found that nearly one percent of the 32 million people it studied had used "123456" as a password. The second-most-popular password was "12345". Others in the top 20 included "qwerty", "abc123" and "princess", The New York Times reported.
More disturbing, Shulman said, was that about 20 percent of people on the RockYou list picked from the same, relatively small pool of 5,000 passwords.
That suggests that hackers could easily break into many accounts just by trying the most common passwords. Because of the prevalence of fast computers and speedy networks, hackers can fire off thousands of password guesses per minute.
"We tend to think of password guessing as a very time-consuming attack in which I take each account and try a large number of name-and-password combinations," Shulman said. "The reality is that you can be very effective by choosing a small number of common passwords."
Researchers say social networking and entertainment websites often try to make life simpler for their users and are reluctant to put too many controls in place.
Overusing simple passwords is not a new phenomenon. A similar survey examined computer passwords used in the mid-1990s and found that the most popular ones at that time were "12345", "abc123" and "password".
Software experts, however, cite overworking brain in the digital age as a reason behind the overuse of such passwords.
"Nowadays, we have to keep probably 10 times as many passwords in our head as we did 10 years ago," said Jeff Moss, who founded a popular hacking conference and is now on the Homeland Security Advisory Council. "Voice mail passwords, ATM PINs and Internet passwords - it`s so hard to keep track of."
The experts suggest that everyone choose at least two different passwords - a complex one for websites where security is vital, such as banks and e-mail, and a simpler one for places where the stakes are lower, such as social networking and entertainment sites.
More from India
More from World
More from Sports
More from Entertaiment
- Jamaat-e-Islami chief announces Rs 100 cr reward for PM Modi's arrest
- Zee Media exclusive interview with victim of Uber molestation
- Maggi samples found unsafe: Delhi government
- DNA: Analysis of Vijay Mallya's 'fund transfer formula'
- IMD forecasts 'deficient' Monsoon, drought-like conditions expected
- Was asked to call Sunanda Pushkar’s death `natural`: AIIMS doctor
- Maggi row: Delhi registers case against Nestle, Kerala withdraws stock from govt stores
- Rahul Gandhi hails BR Ambedkar, takes potshot at Modi-led NDA govt over IIT Madras row
- From being the ‘Dabangg’ girl to ‘Akira’ - Sonakshi Sinha’s journey so far
- China ship carrying 458 on board sinks in Yangtze River: Five dead, hundreds missing