Doing my morning reading this morning, I stumbled upon a great blog post talking about a recent compromise of the phpbb.com website and password database. Of course, a lot of people registering for a message board like phpbb.com know they aren't logging into a sensitive site like their bank's website, so it's likely they don't put as much care into the passwords they choose. Regardless, it's always good to be reminded of what the most common, and therefore easiest-to-crack, passwords are so we can save ourselves the trouble of dealing with such a problem in the future.
According to Robert Graham's post, 65% of phpbb.com's passwords were found in the English dictionary and 94% were in a "hacker's" dictionary file. Another way to say this is: 94% of the accounts out there could have been hacked anyway!
16% of the passwords matched a person's first name! 14% were patterns on the keyboard such as 123456, qwerty, 159357, etc. There are a lot more of these listed in the original article, so I won't rehash them; you should go check out the full article yourself. But what I will post below are the top 20 passwords used:
So you can be sure of one thing: if you use ANY of the above passwords for anything, you should probably change it, even for those low-priority sites.
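The categories mentioned above (dictionary words, first names, keyboard patterns such as 123456, qwerty and 159357) can be screened for when a user chooses a password. The sketch below is an added example, not code from this post or from Robert Graham's article; the word lists are tiny constructed samples and the function names are hypothetical.

```python
# Added example: registration-time screening for the weak-password
# categories the post lists. Word lists are tiny constructed samples.
DICTIONARY = {"password", "dragon", "monkey", "letmein"}   # constructed sample
FIRST_NAMES = {"michael", "jessica", "robert", "ashley"}   # constructed sample

KEYBOARD_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]
NUMPAD_ROWS = ["789", "456", "123"]


def _grid(rows):
    """Map each key to its (row, column) position on a layout."""
    return {ch: (r, c) for r, row in enumerate(rows) for c, ch in enumerate(row)}


LAYOUTS = [_grid(KEYBOARD_ROWS), _grid(NUMPAD_ROWS)]


def _is_pattern_on(pw, grid, min_run=3):
    """True if pw splits into straight runs of >= min_run adjacent keys."""
    if len(pw) < min_run or any(ch not in grid for ch in pw):
        return False
    i = 0
    while i < len(pw):
        j, step = i, None
        while j + 1 < len(pw):
            (r0, c0), (r1, c1) = grid[pw[j]], grid[pw[j + 1]]
            d = (r1 - r0, c1 - c0)
            # Stop the run if the next key is not a neighbour or the
            # direction of travel changes.
            if max(abs(d[0]), abs(d[1])) != 1 or (step is not None and d != step):
                break
            step, j = d, j + 1
        if j - i + 1 < min_run:
            return False
        i = j + 1
    return True


def classify(password):
    """Return the weak-password category, or None if no check matches."""
    pw = password.lower()
    if pw in FIRST_NAMES:
        return "first name"
    if pw in DICTIONARY:
        return "dictionary word"
    if any(_is_pattern_on(pw, grid) for grid in LAYOUTS):
        return "keyboard pattern"
    return None
```

In real use the two sets would be loaded from full word lists, and a password that returns `None` has only passed these three checks.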