LIKE US ON FACEBOOK

Customer Passwords Exposed

12 months ago

...

RYOT POINTS

adobe-logo

A recent database of customer passwords exposed when hackers attacked Adobe’s servers yielded a list of the 100 most-used passwords, and if anything, it provides a guide for what not to make your password.

For instance, 1,911,938 users set “123456″ as their password, and almost 500,000 other people added 789 to that string for theirs. I think it would be helpful to give some quick tips on what not to set your password as (at least in Adobe systems)

1. Don’t slide your finger across a row of keys for your password

As mentioned above, the first nine numbers seem adequate for password setters, but the list reveals that “qwerty,” “asdfgh” “qwertyuiop” or even some more complicated ones like “123qwe” or 1qaz2wsx (whoa, diagonals!) are also popular. There are over  171,476 active words in the Oxford English Dictionary, guys; let’s be a little more creative. Typing the same number multiple times is also not constructive.

2. Typing a real word is the first step, but maybe let’s not use words like “password…”

Over 345,000 people did it.

3. …Or your name…

Especially if your name is popular, i.e. “Michael,” “Charlie,” “Jessica” or “Michelle.”

4. Maybe don’t use the name of the system you’re using

Over 83,000 people used the password, “photoshop.” “Adobeadobe” “computer” and “internet” as passwords are also not advised.

It should also be noted that while “fuckyou” may be the message you wish to send to hackers, 21,383 have the same anger issues, so don’t do it.
These hacks have been surfacing ever since Adobe released a statement in early October disclosing that the company’s corporate network was compromised, allowing hackers access to source codes, password data and other information from almost three million customers.

Nakedsecurity.com also reports that hackers obtained sensitive information from over 38 million people, including customers’ Adobe IDs, encrypted passwords, names, encrypted debit and credit card numbers, and expiration dates. Adobe spokeswoman Heather Edell confirmed the number in a press release.

“So far, our investigation has confirmed that the attackers obtained access to Adobe IDs and (what were at the time valid), encrypted passwords for approximately 38 million active users.”

Edell also stated that the passwords were reset for the active users, but that the hackers also got access to source codes for programs Reader, Acrobat, ColdFusion and Photoshop. Ars Technica reported that hackers also had access to information on over 130 inactive Adobe users as well.

According to Mashable, the passwords were then released online in a 9.3-gigabyte file that allowed hackers like Jeremi Gosney, a password cracker and researcher with Stricture Consulting Group, to crack the passwords and release the Top 100 list online.

RYOT NOTE from Michael

It’s important that people understand how important it is to have a more, er, cryptic password. But not all people in the tech sector are bad. TechSoup Global helps nonprofits globally get and use technology to heighten their impact. Through its websites, events and community-building initiatives, TechSoup Global also helps companies and foundations optimize their philanthropic impact. Click the Action Box above this story to learn more, consider donating and Become the News!

CLICK HERE TO TAKE ACTION

Tagged:

acrobat adobe coldfusion cyber security hacking jeremi gosney nakedsecurity.com Oxford English Dictionary passwords Photoshop reader stricture consulting group
LIKE US ON FACEBOOK
0 comments

Customer Passwords Exposed

-- display nothing --