The average person has quite a bit to memorize just to get through a normal day: ATM PINs, voice mail access codes, coupon codes, bicycle lock combinations, student/work ID numbers, phone numbers, sometimes even a PIN just to turn your phone on… You get the idea. But what do people sacrifice just to lighten the memory load? Most often, it’s work passwords.
So when the Systems Administrator at work gives employees yet another default username and default password, odds are they are rarely changed. Default usernames/passwords are usually something easy to remember like changeme.
Easy to remember, easy to guess.
I came across some password statistics recently from the ‘Security Basics’ mailing list. The most frequently used passwords were – let’s just say, lacking in creativity. The number one password used – 123456.
The statistics were based on a ‘username password’ file of 88,900 entries and here are the results:
The human mind can juggle a maximum of 3 to 4 items at a time. And considering most people have an average of 25 online accounts, 123456 is an easy password solution to a long workday.
But now let me tell you exactly where these 88,900 password statistics came from. A member of the ‘Security Basics’ mailing list posted them, saying:
“I recently had the opportunity to analyze a ‘username password’ file used by an SSH brute force program found on a hacked system.”
Unfortunately, poor password habits don’t stop when you leave the office. If your password is on the above list, there is a chance you are taking your work habits home with you too. Do these passwords look familiar? If so, it’s a good idea to change your passwords both at work and at home!