136th Day Of Lockdown

Maharashtra49026232728117092 Tamil Nadu2850242275754690 Andhra Pradesh2069601204641842 Karnataka164924842322998 Delhi1427231282324082 Uttar Pradesh113378668341981 West Bengal89666630601954 Telangana7525753239601 Bihar7179446294400 Gujarat68855517922604 Assam5549737225132 Rajasthan4941835186763 Odisha4255028698292 Haryana4005433444467 Madhya Pradesh3729827621962 Kerala3170019147103 Jammu and Kashmir2392716218449 Punjab1901512491462 Jharkhand140705199129 Chhatisgarh10109761369 Uttarakhand8008484795 Goa7075511460 Tripura5520367528 Puducherry4147253758 Manipur301818147 Himachal Pradesh2879171013 Nagaland24056594 Arunachal Pradesh179011053 Chandigarh120671520 Meghalaya9173305 Sikkim7832971 Mizoram5022820
Technology Other News 31 Oct 2019 32 passwords you sho ...

32 passwords you should never use unless you are begging to be hacked

DECCAN CHRONICLE.
Published Oct 31, 2019, 12:26 pm IST
Updated Oct 31, 2019, 12:26 pm IST
An analysis of about 20 million passwords has revealed that a mere 4.9 million were unique.
The industries with the highest number of stolen credentials were quite alarming. (Photo: ANI)
 The industries with the highest number of stolen credentials were quite alarming. (Photo: ANI)

In what may have been an exhaustive ordeal, security researchers have dug deep into the dark web, forums, social networks, chat channels and website that are hidden from regular web browsers where stolen data such as credentials are commonly traded between cybercrimanls. The researchers have stated that there are more than 21 million credentials that belong to Fortune 500 companies with 95 per cent of these included in plaintext passwords that were either stored unencrypted or cracked by cybercriminals. The ImmuniWeb researchers analysed nearly 20 million passwords and claim that only 4.9 million were unique. Out of the remaining, some of the passwords were commonly used than others.

As per a related report by Forbes, Davey Winder states, “the research also revealed some interesting facts on an industry by industry basis. Retail was by far and away the industry with the weakest passwords, being those under eight characters, dictionary words, or system defaults. The following four sectors were much more closely grouped and were as follows: telecommunications, industrials, transportation, and financials.”

 

The industries with the highest number of stolen credentials were quite alarming. Technology was at the highest with 5 million exposed passwords. This was followed by financials with 4.9 million passwords. After this, healthcare at 1.9 million, industrials at 1.8 million and energy at 1.7 million.

The report adds that about 42 per cent of all the stolen passwords were linked in one way or the other to the company name concerned or the breached resource. It comes as no surprise then that attackers were able to “brute-force” these passwords “which means they could have a computer program try every dictionary word and common variations using numerical or special character replacements until the password was found.”

 

Ilia Kolochenko, CEO and founder of ImmuniWeb states, “The disastrous situation with weak passwords may first appear to be easily addressable by standard technical means. however, in light of the wide and dynamic spectrum of corporate and third-party systems handling confidential or sensitive data, this task becomes virtually unfeasible."

To this effect Winder states that this is true as several organisations have no concrete means to authorize password policies of their IT providers and partners which in turn exposes the corporate accounts to weak passwords which eventually leads to compromises.

 

Kolochenko says, “Two-factor authentication (2FA) is no panacea. worse, as some researches have recently demonstrated, may undermine security if incorrectly implemented." He recommends, “Holistic visibility of your digital assets and data, coherent identity and access management (IAM) program covering third-parties and third-party risk mitigation strategy are essential to protect your organization.”

Here is a look at the 32 passwords you should never use:

000000

111111

112233

123456

12345678

123456789

 

1qaz2wsx

3154061

456a33

66936455

789_234

aaaaaa

abc123

career121

carrier

comdy

cheer!

cheezy

Exigent

old123ma

opensesame

pass1

passer

passw0rd

password

password1

penispenis

snowman

soccer1

student

welcome

!qaz1qaz

Click on Deccan Chronicle Technology and Science for the latest news and reviews. Follow us on Facebook, Twitter

...




ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT