Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
Network Security
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical FW: [ISN] Most Common Hotmail Password Revealed!

  • From: Howell, Paul
  • Date: Wed Oct 07 08:01:10 2009 

-----Original Message-----
From: isn-bounces@infosecnews.org [mailto:isn-bounces@infosecnews.org]
On Behalf Of InfoSec News
Sent: Wednesday, October 07, 2009 5:34 AM
To: isn@infosecnews.org
Subject: [ISN] Most Common Hotmail Password Revealed! 

http://www.wired.com/threatlevel/2009/10/10000-passwords/

By Kim Zetter
Threat Level
Wired.com
October 6, 2009

A researcher who examined 10,000 Hotmail, MSN and Live.com passwords 
that were recently exposed online has published an analysis of the list 
and found that "123456" was the most commonly used password, appearing 
64 times.

Forty-two percent of the passwords used lowercase letters from "a to z";

only 6 percent mixed alpha-numeric and other characters.

Many of the top 20 passwords used were Spanish names, such as Alejandra 
and Alberto, suggesting that the victims were in Spanish-speaking 
communities. Nearly 2,000 of the passwords were only six characters 
long. The longest password was 30 characters -- 
lafaroleratropezoooooooooooooo.

The 10,000 passwords and user names, believed to be booty from a 
phishing attack, were posted over the weekend to the clipboard site 
PasteBin. The site owner has since removed the list, but Bogdan Calin of

Acunetix grabbed the passwords before it disappeared.

The list included only online account addresses that began with "A" or 
"B," suggesting that the list was only part of a larger cache of 
credentials. On Tuesday, the BBC reported that it had viewed a second 
list of more than 20,000 account credentials that included Gmail, Yahoo 
and AOL accounts, and that Google had uncovered a third list containing 
an unknown number of accounts.

[...]


------------------------------------------------------------------------
To unsubscribe from netsec, send mail to majordomo@merit.edu
with a body consisting of the words "unsubscribe netsec" --
without the quotes. For more help, send a message to majordomo@merit.edu
with the word "help" as the body.
------------------------------------------------------------------------


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.