25 Worst Passwords for 2011

http://mashable.com/2011/11/17/worst-internet-passwords/

'SplashData created the rankings based on millions of stolen passwords posted online by hackers. Here is the complete list:

1. password
2. 123456
3.12345678
4. qwerty
5. abc123
6. monkey
7. 1234567
8. letmein
9. trustno1
10. dragon
11. baseball
12. 111111
13. iloveyou
14. master
15. sunshine
16. ashley
17. bailey
18. passw0rd
19. shadow
20. 123123
21. 654321
22. superman
23. qazwsx
24. michael
25. football

more at link

:rofl:

:wtf:

:rolf:

"zzzzzz". And called them on it. If you can't come up with a secure password that you can remember, you are too stupid to have administrative powers. And don't use the same damn ones for everything - make internet email different, network login different, and banking different. I have 30 different passwords that rotate at any given time. It truly isn't hard to remember if you make it relevant to you personally, but also use alternate characters and a salt.

If you have any sort of short-term memory loss (as I do).

Please consider making your point without being unsympathetic to those less fortunate than you. :)

that provides you access to all your other logins and passwords. Ideas include 1) your browser's built-in password storage, 2) a standalone program (for example, KeePass (I have never used it)), 3) a simple text file listing your actual, or cues to, passwords; you can encrypt/decrypt that file as necessary.

sigh... I can't tell you how many Michaels I've known and are in our family. People need to let that name go for a generation!

use those passwords!

would probably be more secure. :)

Many places I have had to enter passwords gave a gauge of weak or strong and too weak of one they would reject it. Also many use the same password in all their sites they visit. It's a pain but I won't do that either.

At least half of those are the obvious ones to try. "ashley" and "bailey" are definitely newer.

I had an employee ten years ago who was relatively talented at programming, but a lazy bastard. As a routine security check, I connected to one of our web servers, entered his last name for "user" and the word "bob" for the password. I had full admin access to the thing. ANYBODY who knew the guy would have known that was an obvious choice for a password because he used it as a joke all the time. And he went by his last name. I was fucking pissed.

The next day, he tried to explain how it was a "necessity" because he was on-site and one of our clients had to get access in one of their programs. He was just too lazy to create a rights-restricted user. There was no way to get access to the client's server remotely so I made him create a new user with the minimum necessary rights and a REAL password and then get his ass over there and fix the damn code. I should have just fired him, but he complied and knew better than to make the same mistake again.

lol