The hacking of Adobe that compromised tens of millions of accounts is no joke, but at least we can enjoy a little dark humor over users' predictably awful passwords.
The passwords were posted by Jeremi Gosney of Scricture Group, and reported by The Register.
Gosney noted that the list can't be verified in the absence of Adobe's encryption keys. But he said that with Adobe “choosing symmetric key encryption over hashing, selecting ECB mode, and using the same key for every password, combined with a large number of known plaintexts and the generosity of users who flat-out gave us their password in their password hint,” he's fairly confident in the list.
Here are the 20 most common passwords, followed by the number of Adobe users who used that password:
- 1. 123456 - 1,911,938
- 2. 123456789 - 446,162
- 3. password - 345,834
- 4. adobe123 - 211,659
- 5. 12345678 - 201,580
- 6. qwerty - 130,832
- 7. 1234567 - 124,253
- 8. 111111 - 113,884
- 9. photoshop - 83,411
- 10. 123123 - 82,694
- 11. 1234567890 - 76,910
- 12. 000000 - 76,186
- 13. abc123 - 70,791
- 14. 1234 - 61,453
- 15. adobe1 - 56,744
- 16. macromedia - 54,651
- 17. azerty - 48,850
- 18. iloveyou - 47,142
- 19. aaaaaa - 44,281
- 20. 654321 - 43,670
Of course, “123456” and “password” are at the top of the list, as they so often are. And whoever used “macromedia”—a throwback to the origins of Flash and Dreamweaver—probably thought they were being pretty clever.
If you're scratching your head over the apparent stupidity of the Adobe-using public, take comfort in the fact that the top 20 passwords only account for roughly 3 percent of the 130,324,429 Adobe user accounts Gosney was able to obtain. The vast majority of people are using passwords that are at least somewhat unique.
Adobe confirmed the security breach on October 3, revealing that hackers stole 2.9 million encrypted credit card numbers and expiration dates. A few weeks later, Krebs on Security reported that hackers stole login information for at least 38 million active users, and possibly more than 150 million total accounts (including inactive IDs and test accounts).
Hackers also made off with some of Adobe's source code for programs including Photoshop. Security experts have warned that the theft could reveal Adobe's vulnerabilities and security schemes, leading to a new generation of malware, viruses and exploits. Laugh it up while you can.
Subscribe to the Security Watch Newsletter
Thank you for sharing this page.
Sorry! There was an error emailing this page
Related Topics: matt flynn mavericks Emmys 2013 nfl vince young
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.