Home page logo
/

isn logo Information Security News mailing list archives

Why so many bad passwords? Because the rules allow them.
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 14 Mar 2012 00:33:42 -0500 (CDT)

http://gcn.com/articles/2012/03/12/bad-passwords-why-organizations-allow-them.aspx

By Kevin McCaney
GCN.com
March 12, 2012

A recent study by security company Trustwave found that the most common computer passwords are still variations on the word “password.”

That news won’t make anyone spit out their morning coffee; the prevalence of bad passwords is an established fact of life. But the report does shed light on why bad passwords are so common and offers suggestions for reducing the problem.

Trustwave’s 2012 Global Security Report, a comprehensive look at the security landscape, includes a section on passwords that delves into weaknesses in user behavior, administrative policy and the technologies used to manage passwords.

The company’s SpiderLabs studied 2.5 million passwords used at organizations and found that about 5 percent of them used a variation on “password,” such as “Password1,” “Password2,” “Passw0rd,” “Password123," and plain old “password.” Another popular one was variations on “welcome,” such as “WeIcome,” “Welcome1,” and so on. And the always-reliable “123456” made an appearance, too.

[...]

______________________________________________________________________________
ISSMP, CISSP, and Certified Ethical Hacker training with Expanding Security
gives the best training and support.  Get a free live class invite weekly.
Best program, best price. http://www.ExpandingSecurity.com/PainPill

  By Date           By Thread  

Current thread:
  • Why so many bad passwords? Because the rules allow them. InfoSec News (Mar 14)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault