Date: Mon, 17 Dec 2012 18:54:17 -0700 From: Stephen John Smoogen <smooge@...il.com> To: john-users@...ts.openwall.com Subject: Re: interesting password cracking discovery On 17 December 2012 14:00, Jerry <sec-acct.14@...x.cc> wrote: > We've all see numerous security announcements, etc, about people using > bad passwords, including using password, spouse or child's name, etc. > > I was recently running john against an old password file from back in > the 1995-1996 time period. John has been running on the file for > awhile, and I just had a large group of password matches. > > For what ever reason, a large group of people decided to use their home > phone number as a password. Specifically, if a person had a phone > number of (123) 456-7890 , the had used 4567890 or 456-7890 as their > password. > > Password security, at least for many, has progressed a great deal since > the 90's, and I have seen all types of bad password security articles, I > just don't recall seeing people use phone numbers as passwords. > > I am curious if others have observed similar occurrences, or if this is > unique. People use phone numbers quite a bit still. I found that xxx-xxxx very very useful at various sites. The other ones that are useful are xxx-xx-xxxx and xxx-xx-xxxx . After that taking words and adding some numbers at the front and "Str", "Ave", "Rd" etc at the end is also fairly common. It is one of those things that people will use what they can remember the easiest.. so the person's address growing up will get used as much as their phone number. > Jerry -- Stephen J Smoogen. "Don't derail a useful feature for the 99% because you're not in it." Linus Torvalds "Years ago my mother used to say to me,... Elwood, you must be oh so smart or oh so pleasant. Well, for years I was smart. I recommend pleasant. You may quote me." —James Stewart as Elwood P. Dowd
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.