Information Security News
mailing list archives
Why so many bad passwords? Because the rules allow them.
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 14 Mar 2012 00:33:42 -0500 (CDT)
By Kevin McCaney
March 12, 2012
A recent study by security company Trustwave found that the most common
computer passwords are still variations on the word “password.”
That news won’t make anyone spit out their morning coffee; the
prevalence of bad passwords is an established fact of life. But the
report does shed light on why bad passwords are so common and offers
suggestions for reducing the problem.
Trustwave’s 2012 Global Security Report, a comprehensive look at the
security landscape, includes a section on passwords that delves into
weaknesses in user behavior, administrative policy and the technologies
used to manage passwords.
The company’s SpiderLabs studied 2.5 million passwords used at
organizations and found that about 5 percent of them used a variation on
“password,” such as “Password1,” “Password2,” “Passw0rd,” “Password123,"
and plain old “password.” Another popular one was variations on
“welcome,” such as “WeIcome,” “Welcome1,” and so on. And the
always-reliable “123456” made an appearance, too.
ISSMP, CISSP, and Certified Ethical Hacker training with Expanding Security
gives the best training and support. Get a free live class invite weekly.
Best program, best price. http://www.ExpandingSecurity.com/PainPill
- Why so many bad passwords? Because the rules allow them. InfoSec News (Mar 14)