Every time a prominent site gets hacked, someone always goes through the trouble to analyze the passwords contained in the data leak, usually to my own comic amusement. With sites from the Gawker network, especially sites like Gizmodo and Lifehacker, where users commonly claim to be among the web’s most savvy users, you would expect the passwords to be a little better.

Numbers one, two, and three? 123456, password, and 12345678. The full list is even funnier, though, and contains things like “letmein,” “princess,” and “starwars.” Well done, nerds of the internet.

You can find more entries, along with some graphical analysis of the passwords included at the Wall Street Journal.

It’s rarely news that most people use terrible passwords. There are just so many to remember, and really, no one is all that good at remembering completely random strings of letters and numbers. Recently, though, we got a little more data behind this widely accepted fact.

RockYou, a widget service for social networking sites, was recently hacked. The hacker retrieved passwords for 32 million accounts, which were stored in a database as plain text, and posted them online. Security firm iMPERVA took a look at the passwords and found some ridiculous stats. The most common password? 123456. That was followed by 12345, 123456789, and Password. That capital P is definitely important.

iMPERVA esimated that a slow DSL connection could access one account every second using a simple dictionary hack. It’s hard to say whether people would use better passwords on sites that hold more sensitive data, but my inclination would be no. Why add more passwords to remember, even if they’re as simple as Password.

Source: Ars Technica