John Klossner, Dark Reading – http://www.darkreading.com/endpoint/authentication/strong-passwords/d/d-id/1127941
“password” has been replaced by the cryptographically clever “123456”, according to SplashData.
Where’s 8675309 when you need it? And Jenny for that matter?
Like word distributions and company sizes, the frequency with which particular passwords are used seems to follow a Zipf (power-law) distribution. That is, a lot of people pick from a small common pool of passwords, and the number of people using a particular password drops off quickly once you step away from that common pool.
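To make the power-law shape concrete, here is an added example (not from the original post) that fits a Zipf exponent to a rank/count table and measures how much of the user base the most common passwords cover. The counts and the `pw001`-style labels are constructed for illustration and are not real password data.

```python
import math

# Constructed sample: placeholder label -> number of accounts using it.
# Counts are made up to follow roughly count ~ C / rank (not real data).
SAMPLE_COUNTS = {f"pw{rank:03d}": round(12000 / rank) for rank in range(1, 201)}


def rank_frequency(counts):
    """Return usage counts sorted from most used (rank 1) to least used."""
    return sorted(counts.values(), reverse=True)


def zipf_exponent(freqs):
    """Estimate s in frequency ~ C / rank**s.

    Uses an ordinary least-squares fit of log(frequency) against log(rank);
    under Zipf's law the points fall on a line with slope -s.
    """
    xs = [math.log(rank) for rank in range(1, len(freqs) + 1)]
    ys = [math.log(f) for f in freqs]
    mean_x = sum(xs) / len(xs)
    mean_y = sum(ys) / len(ys)
    cov = sum((x - mean_x) * (y - mean_y) for x, y in zip(xs, ys))
    var = sum((x - mean_x) ** 2 for x in xs)
    return -cov / var


def top_k_share(freqs, k):
    """Fraction of all accounts that use one of the k most common passwords."""
    return sum(freqs[:k]) / sum(freqs)


if __name__ == "__main__":
    freqs = rank_frequency(SAMPLE_COUNTS)
    print(f"fitted Zipf exponent: {zipf_exponent(freqs):.2f}")
    for k in (1, 10, 20, 100):
        print(f"top {k:>3} of {len(freqs)} passwords cover "
              f"{top_k_share(freqs, k):.1%} of accounts")
```

In this constructed table the ten most common of 200 passwords account for about half of all accounts, which is the "small common pool" effect the paragraph describes.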
Mark Burnett’s research shows that, of a list of 10,000 ranked passwords:
BTW, almost 5% of all users have the password, ‘password’.
List of top passwords here. Heads up — there’s some colorful language in play here for popular passwords.
Why is it important to change default passwords on hardware, applications, and other systems? Because the passwords are published and, in effect, not passwords at all. A few responses from Googling ‘default passwords’:
And there’s plenty more.
Lesson:
Default password = No password
Poor password policies and management can be an Achilles’ heel for any business. Making it more challenging for small and medium-sized businesses is that they often cannot afford to implement or support full Identity Access Management systems. There is, however, some middle ground.