Study Analyzes Patterns in Passwords

December 11, 2016

A study of leaked emails and passwords showed too many still take the easy route when choosing passwords.

A CBT Nuggets report analyzed the leaked accounts for root words and easy-to-guess elements. Among other information, the analysis revealed the top 30 most leaked passwords, the total number of passwords leaked by name, age bracket, gender, and even state of residence. The percentage of people who use their own names in their passwords is 42.1 percent.

Among the 50,000 accounts, of the 30 most common passwords the top 10 were love, star, girl, rock, miss, hell, Mike, John, and baby. Hackers, who have access to more than just one study of leaked info, start by running the most common passwords — if they don’t have to work hard, they won’t complain. CBT Nugget recommends avoiding the most popular passwords and use made up word and letter, number, and special character combinations.

According to the report, people with certain first names are most likely to have their passwords leaked, whether they use their names in their passwords or not. For gender-indicative names (certainly not gender-specific), Mike, Chris, John, Dave or Matt are the top five for males and Jen, Jessica, Sarah, Amanda, and Michelle take the lead for women. Overall, males accounted for 53 percent of the leaked passwords and females 47 percent.

Account holder age mattered, too, with millennials in the lead. Of the leaked accounts, 65 percent were 25-34 years old, followed by 16 percent aged 35-44, and 13.6 percent 21-24. All other age groupings were 2.5 percent or lower.

Within U.S. states, 4.67 leaked passwords per 100,000 residents was the average. Hawaii had the highest average at 38.71 passwords, followed by California with 18.18, and Nevada with 12.42.

Some people use their own name in your password, and among the top 25 leading offenders, people named Amy used their name either as or part of their password 60 percent of the time, followed by Lisa (59 percent), Scott (56 percent), Mark (54 percent), and Laura (53 percent).

Yahoo emails accounted for about 48 percent of the leaked accounts, followed by Hotmail and Gmail at 17 percent, and AOL at 7 percent. All others accounted for 10 percent. Even though AOL accounts were the least leaked, the study showed that service had the highest incidence (46 percent) of people using part of their name or username in their passwords.

https://blog.cbtnuggets.com/2016/12/leaky-logins-50000-passwords-exposed/

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 October

This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.

View More Create Account

Study Analyzes Patterns in Passwords

Related Articles

Report Abusive Comment