What LulzSec Logins Reveal About Bookworms, and Passwords 136
Barence writes "Today the hacking group LulzSec posted 62,000 hacked email usernames and passwords online. PC Pro's Darien Graham-Smith has analysed the passwords stolen — which are believed to have come from a website for writers — and found some interesting patterns. Aside from 'password' and obvious numerical patterns (i.e. '12345') the most common passwords share a literary theme: 'romance,' 'mystery,' 'shadow' and 'bookworm' are all commonly used passwords. 'Clearly, this is a back-of-an-envelope breakdown of a mixed mass of unverified data,' said Graham-Smith. 'But it gives an interesting insight into the way people choose their passwords: in this case, apparently, on a theme that reflects the nature of the site they're visiting.'"
oh noez! (Score:5, Interesting)
Easy-to-remember passwords for a site that doesn't matter at all? Color me shocked. When forced to sign up for forums to ask a question about coding or tech troubleshooting, I generally use a pretty basic password and then lie about all of my personal info. That way if someone does acquire this info (and it has happened multiple times) I don't get burned. For important things like banking and gmail, I have 2-step authentication enabled and use a strong password on top of that. Different on every site of course.
But for stuff like writers forums, tech support sites, slashdot (haha!) and the like? I don't use and don't care to use a strong password because, well, what's the point? You don't hear about individuals on these sites being hacked because of the insecure passwords they use. No, you hear about the administrators of these sites having their sites hacked and their userlists and passwords stolen. What good does a strong password serve on a site like this when there are gaping security holes in the OS hosting the forums?
And why, for Xenu's sake, are people still storing passwords in plaintext??