Washington State

Office of the Attorney General

Attorney General

Bob Ferguson

So when I was a freshman in college, I used to like to play a game with my roommate. I had a computer and he didn’t, so he used mine -- which was totally fine. But just to mess with him, I changed my Windows login password every few days or so; just to see if he could guess it. I didn’t make it inordinately hard because it was fine that he used it, but for a while he was getting it right all the time.password image

I asked him how and he referred me to the posters in our room. Every password I was making was directly related to a band or movie poster that was hanging on the walls of our dorm.

Granted, it didn’t take an Enigma coding machine to crack the codes, but I was impressed. That was 10 years ago and people for the most part are far savvier about their passwords today. Right?

Well, not completely. An analysis of a hacker’s breach of 32 million passwords from the social network hub RockYou.com by online security firm Imperva shows that some people are still lagging woefully behind.

The Top 10:

Rank Password # of Users
(absolute)
1 123456 290,731
2 12345 79,978
3 123456789 76,790
4 Password 61,958
5 iloveyou 51,622
6 princess 35,231
7 rockyou 22,588
8 1234567 21,726
9 12345678 20,553

If any of your passwords are listed above, please stop reading and go change them to something unique immediately.

I bring this up because researchers at Georgia Tech recently published a study of how they were able to crack eight character passwords using a cluster of graphics cards within two hours. Startling to say the least given the number of possibilities; but even more so was the discovery that it would have taken 17,134 years to crack 12 character passwords. 

Before you scramble to change all of your passwords, keep in mind that passwords are more likely to be unwittingly compromised through phishing scams than by elaborate hacking setups. But it never hurts to revisit and/or change them every so often.  

Just don’t choose “reservoirdogs”.

Trust me.

~ Darius Schwarz, Public Affairs Intern

 

S M T W T F S
 
 
 
1
 
2
 
3
 
4
 
5
 
6
 
7
 
8
 
9
 
10
 
11
 
12
 
13
 
14
 
15
 
16
 
17
 
18
 
19
 
20
 
21
 
22
 
23
 
24
 
25
 
26
 
27
 
28
 
29
 
30