Why 'ji32k7au4a83' is a Remarkably Common Password (gizmodo.com) 101
A seemingly complex set of characters like "ji32k7au4a83" is a very common password among users, it turns out. From a report: This interesting bit of trivia comes from self-described hardware/software engineer Robert Ou, who recently asked his Twitter followers if they could explain why this seemingly random string of numbers has been seen by Have I Been Pwned (HIBP) over a hundred times.
Have I Been Pwned is an aggregator that was started by security expert Troy Hunt to help people find out if their email or personal data has shown up in any prominent data breaches. One service it offers is a password search that allows you to check if your password has shown up in any data breaches that are on the radar of the security community. In this case, "ji32k7au4a83" has been seen by HIBP in 141 breaches. Several of Ou's followers quickly figured out the solution to his riddle. The password is coming from the Zhuyin Fuhao system for transliterating Mandarin. The reason it's showing up fairly often in a data breach repository is because "ji32k7au4a83" translates to English as "my password."
Have I Been Pwned is an aggregator that was started by security expert Troy Hunt to help people find out if their email or personal data has shown up in any prominent data breaches. One service it offers is a password search that allows you to check if your password has shown up in any data breaches that are on the radar of the security community. In this case, "ji32k7au4a83" has been seen by HIBP in 141 breaches. Several of Ou's followers quickly figured out the solution to his riddle. The password is coming from the Zhuyin Fuhao system for transliterating Mandarin. The reason it's showing up fairly often in a data breach repository is because "ji32k7au4a83" translates to English as "my password."
Damn! (Score:5, Funny)
I have the same combination on my luggage!
Fun "fact" (Score:5, Interesting)
https://haveibeenpwned.com/Pas... [haveibeenpwned.com]
12345: This password has been seen 2333232 times before.
123456: This password has been seen 23174662 times before.
That's right: there's nearly ten times as many people using 123456 than 12345, so the password used in Spaceballs is actually the more secure one of the two!
Re: (Score:2)
https://haveibeenpwned.com/Pas... [haveibeenpwned.com]
12345: This password has been seen 2333232 times before.
123456: This password has been seen 23174662 times before.
That's right: there's nearly ten times as many people using 123456 than 12345, so the password used in Spaceballs is actually the more secure one of the two!
I wonder if that's because a lot of websites require at least 6 characters.
A lot now require 8 so 12345678 is probably pretty common too.
Re: Fun "fact" (Score:3, Funny)
Holy shit, how autistic are you, on a scale of 1 to 123456?
Re: (Score:1)
You realize most of those 'hotlists' will be alphabetically sorted, and 12345 will STILL show up before 123456, right?
Re: (Score:2)
so the password used in Spaceballs is actually the more secure one of the two!
Only when presented with a dictionary attack, and only if that dictionary doesn't work alphabetically
Re: (Score:2)
Bingo: This password has been seen 702 times before
Re: (Score:2)
I've got the perfect password choice though -- 'yiersansiwu'.
Re: (Score:2)
yiersansiwu: This password has been seen 24 times before
Re: (Score:2)
LastPass (Score:1)
So does this transliteration issue indicate that
Lastpass and it's ilk have possibly been 'randomly'
generating words and phrases in reverse Chinese?
GOod Grief.
SOmeone with too much time on their hands research this ASAP.
Re: MAGA (Score:1)
Is it not great at the moment?
That slogan is so funny, as outside of the USA, great is also commonly use to mean 'annoy' and 'loud noise' and 'rub in damaging way'.... Every time the MAGA slogan is used the whole world laughs and I don't think they know..
Re: (Score:3)
"MAGA"
Oh no — pwned! This password has been seen 62 times before
"MAGA bich"
Good news — no pwnage found!
Reference (Score:2)
http://bash.org/?244321 [bash.org]
Translates to english? (Score:1)
How exactly does "ji32k7au4a83" translates to english? Is it base64-encoded or something?
Re:Translates to english? (Score:5, Funny)
How exactly does "ji32k7au4a83" translates to english? Is it base64-encoded or something?
Try reading an article for once in your life you miserable piece of shit.
Re:Translates to english? (Score:5, Funny)
I may be a piece of shit, but I never watched Les misérables, you insensitive clod.
Re: (Score:1)
Re: (Score:3)
Never read the story, that is the same as renting out your brain to whoever pays for the slavertisements.
Re: (Score:1)
Answer: the Gizmodo article explains it.
TL;DR: it's caused by a keyboard layout.
Re:Translates to english? (Score:5, Informative)
Because people usually turn off IME edit for password fields. For one thing, a lot of systems reject exotic characters in passwords. Also, if you need to log in from a system that doesn't have a suitable Chinese IME you're screwed if you need Chinese characters. So they turn off IME edit, select US ANSI keyboard layout, and type the keys they would for an easy-to-remember Chinese phrase. It end up looking like random letters/numbers in English.
Re: (Score:2)
Yeah, but it's a dumb thing to do because it won't display properly in a terminal and you'll have to rely on the punycoded form to deal with it.
Re:Translates to english? (Score:5, Informative)
The original mandarin translates to english as "my password".
The original mandarin character sequence is coded in the database as "ji32k7au4a83", it is a pidgin transcoding schema. It is related to https://en.wikipedia.org/wiki/... [wikipedia.org] but I forgot the name of that transliteration above.
Re: (Score:2)
Re: Translates to english? (Score:4, Informative)
Zhu yin fu hao is the Chinese keyboard super-imposed on the ASCII keyboard.
Ji3 is u o = wo3
2k7 is de e = de
Au4 is mo yi 4 = mi4
A83 is mo a 3 = ma3
Wo3 U+6211 is the first person pronoun
De U+7684 is the possessive
Mi4 U+5BC6 means secret
Ma3 U+78BC means number or code
Taken together, "wo de mima" translates to "my password".
The number 3 after a Mandarin word stands for the third tone. The number 4 stands for the fourth tone. The particle de is unstressed. There is no tone on an unstressed word
They should have used (Score:5, Funny)
Re: (Score:2)
Re:They should have used (Score:4, Funny)
Exactly. You need to change your password.
Re: (Score:1)
The cool thing is that Slashdot auto-masks passwords in comments, replacing them with asterisks... here's my password, but I bet you'll only see the masked version:
**********
See? Try it for yourself!
(...with apologies to Bash.org/?244321)
Re: (Score:1)
Re: (Score:2)
Re: (Score:1)
Hilarious results (Score:2)
https://haveibeenpwned.com/Pas... [haveibeenpwned.com]
Frosty Piss: Good news — no pwnage found!
FrostyPiss: Good news — no pwnage found!
Frosty_Piss: Good news — no pwnage found!
Keep on frosty pissing, friend. But you might want to consider some vacation time in a warmer country.
Re: (Score:2)
I'm confused (Score:5, Funny)
Now you're telling me I should change it to this?
Re: (Score:2)
No - you need to change them all to "fourwordsalluppercase"
Re: (Score:2)
Surprisingly, "fuckits" was found 52 times, but "fuckITS", "fuckITS!" and both "fuckyouITS" and "fuckyouits" were declared "unfound".
Good summary (Score:5, Insightful)
Lately I haven't been able to even parse some summaries but with this one I get a cute story and don't even need to read TFA unless I want details.
It's like 1999 again.
Damn it. (Score:2)
That was our first choice for a baby name, now it's out 'cause most things won't let you use your name as a password.
This is hilarious (Score:3)
What makes it even more mind blowing is that it LOOKS like a password you'd randomly type by bashing a bunch of letter and number keys.
k92jf8j2ih22
f8y23jk29ugwe
ji32k7au4a83
It doesn't even stand out!
Such an interesting world we live in.
Re: (Score:2)
It shows just how screwed up text handling is on computers. Chinese has thousands of characters, maybe 50k total although only a few thousand are in common use. But computers are mostly handling ASCII, and ASCII only reliably stores about 6 per character (a-z, A-Z, 0-9) because control characters, extended characters and punctuation are often filtered or mangled.
This affects English speaking users too. For example, by default Microsoft's pre-boot authentication for Bitlocker defaults to a numeric PIN which
So, what is ... (Score:2)
Foreign language passwords (Score:2)
Re: (Score:2)
Using just one Russian profanity at a time is doing it wrong, no matter whether for a password or for cursing. If I remember my Russian lessons correctly it should be at least three storeys high.
Wait, this is genius. (Score:4, Interesting)
Re: (Score:1)
Re: (Score:2)
Cyrillic is not a language, it is an alphabet.
Re: (Score:2)
That's even better. You could type a bunch of Cyrillic characters and English speakers would swear that it's Russian, while Russian speakers say "WTF", or whatever that is in Russian.
Re: (Score:2)
This is exactly what happens in many movies.
Re: (Score:1)
Cyrillic is not a language, it is an alphabet.
True, but the password field doesn't know the difference.
Re: (Score:2)
It usually does by accepting only 7 bit ASCII characters.
I thought there would be some clever sci-fi tie in (Score:2)