By on December 14, 2010

The WSJ has come up with a list of the top fifty Gawker passwords. The most common is “1n5i9t7t2f8a6g5m7y5c1t4t2a2o9tc$%”, which is part of the Fibonacci prime sequence interlaced with the first letter of each word of the phrase “Now is the time for all good men to come to the aid of their country”, ending with two non-letters to slow down brute-force attacks.

Oh, who am I kidding! The most popular password was 123456! Other popular choices: password! qwerty! superman! iloveyou!

Luckily they haven’t figured out my Jalopnik password yet; I know of one fellow who will be personally offended when it’s retrieved.

Get the latest TTAC e-Newsletter!

21 Comments on “PSA Part 2: Not All Gawker Passwords Were Masterpieces Of Crypto-Intellectual Might...”


  • avatar
    jimbowski

    This lol cat picture is about the best one I have ever seen….really.

  • avatar
    ajla

    Ed, you’ll never get a commenting star if you keep this up.

  • avatar
    mikedt

    In all fairness to the simple password choosers, what can you do with someone’s Gawker pw? Post stupid comments. That’s it. Hardly worth spending time on a good pw.

  • avatar
    Lokki

    I think most of us have two or three passwords that we use -

    One complicated one for the super-secret stuff like bank accounts et al

    One for the sort private stuff

    One easy to remember for all the rest. 

    It’s impossible otherwise.  

    How many million sites require a password now days?  My laptop has an option to use a fingerprint reader to substitute for passwords, but it’s not reliable enough to really depend on. I use it to log into the laptop, but it’s not uncommon to have to swipe my finger four or five times…. and that’s after I’ve cleaned the peanut butter and jelly off!

    In any case, I would hope that most people aren’t using the same 123456 password for everything… they’re not THAT stupid, are they?  Bueller?  Anybody?

     

    • 0 avatar
      HerrKaLeun

      I’m doing the same 3-tier strategy. Super easy password for forums like this. Well. it includes a capitalized, lower case and numbers…  but something i remember.
      for email more complicated. And for logging into webhosting etc. it is long.
       
      My wifi at home has one of those 63-sign cryptic signs. My router has a separate guest network with an easy password so the inlaws can surf without getting into my network.
       
      I’m hardly surprised people don’t have secure passwords for something unimportant.

  • avatar
    photog02

    I would hazard a guess that the passwords of any blog site are about equally as weak as the Gawker passwords. People don’t come up with strong passwords unless they are forced to or they see value in protecting the information behind the password.
    Personally, I have weak and easy to type passwords for all the “no threat” sites (including this one and Jalopnik), with randomly generated passwords with special characters for anything at or above the importance of my cellphone account. Would I be concerned if my blog passwords were hacked? Not in the least. I don’t see how this is news or why it has been posted a couple of times here already.

    • 0 avatar
      powermatic

      <i>”I don’t see how this is news or why it has been posted a couple of times here already.”</i>
      I’ll take a shot-It’s topical, it’s ancillary to the Gawker story (there’s a lot of crossover Jalopnik/TTAC traffic here), it’s a bit of a burn to the competition which is always fun for a writer, this aspect of the story <i>hasn’t</i> been “posted here already”, there’s an interesting link, and Jack’s blurb made me laugh.
      For those reasons and more, it seems all-good to me.
       
       
       
       

    • 0 avatar
      photog02

      Well, true true and true. It is topical in that it is about another car site. It is ancillary to a story that was questionable to begin with. Its a burn to the competition, which makes this blog sound like it suffers from a mix between a Napoleon complex and schadenfreude.

    • 0 avatar
      Areitu

      The concern is for shortsighted people like me, who use the same passwords for multiple sites. I have a number of passwords that I rotate through, but I don’t have low/med/high security passwords, and don’t remember which one I used to sign up for Jalopnik. I’m going through and changing all of my passwords, in case someone decides to hijack my account and use it to spam about acai berries.

  • avatar
    PeregrineFalcon

    Anyone else reminded of that scene from Spaceballs?
    “One. Two. Three. Four. Five.”

    http://www.youtube.com/watch?v=K95SXe3pZoY

  • avatar
    Felis Concolor

    And here I thought 15 character passwords were a good start.
     
    My biggest gripe with many password systems are their restrictions; many of them restrict character entry to a subset of 7-bit ASCII and often certain control characters (including <>/*@^ and several others) are excluded from use. It makes the random hash generator useless for 80% of the sites I visit that offer personal account password protection.

  • avatar
    nonce

    They’ll never guess my password, Shadowfax.
     
    Oh no, I said it out loud!

  • avatar
    healthy skeptic

    I used to work in IT (shudder). Jack forgot a few gems:
     
    “admin”
     
    “user”
     
    “” (blank)
     
    “pass” – note the clever omission of the word “word”
     
    “passwd” – note the clever omission of the letters “or”
     
    [username] – the same value that went into the username field (e.g. “dave”, “dave”)
     
    And my all-time fav:
     
    “[lastname]1″ – the user’s last name, with…wait for it…the number “1″ diabolically appended to the end! Un-crackable!
     


Back to TopLeave a Reply

You must be logged in to post a comment.

Subscribe without commenting

Recent Comments

New Car Research

Get a Free Dealer Quote

Staff

  • Contributing Writers

  • Jack Baruth, United States
  • Brendan McAleer, Canada
  • Marcelo De Vasconcellos, Brazil
  • Vojta Dobes, Czech Republic
  • Matthias Gasnier, Australia
  • W. Christian 'Mental' Ward, Abu Dhabi
  • Mark Stevenson, Canada
  • Cameron Aubernon, United States
  • J Emerson, United States