Passwords That Should Never Be Used

The Original Yama writes "Strong passwords are your first step in securing your systems. If a password can be easily guessed or compromised using a simple dictionary attack, your systems will be vulnerable to hackers, worms, Trojans, and viruses. PCLinuxOnline provides an alphanumerical list of list of commonly used weak passwords that should never be used. If any of these passwords look hauntingly familiar and are being used, you should change the password immediately."

missed one...

[Anonymous Coward]

I worked ISP tech support and the one I remember showing up way too often was:

thx1138

I've secured my Internet privacy

[prostoalex]

I've protected my privacy and use Gator [gator.com] for all my passwords.

I keep it simple

[Anonymous Coward]

I use PASSWORD for everything.

Anonymous Coward NY Times passwd

[me98411]

I do not see "slashdotcoward" in the list. Looks like it is a strong passwd. Isn't that the login and passwd used by Anonymous Coward for NY times?

Top 10 Passwords Not to be Used

[AtariAmarok]

10. iluvalqueda

9. idareyoutoguessthis

8. oldfattylumpkinwhosewisenoseledushere

7. *******

6. (my actual password)

5. cowboyneal

4. pencil

3. neo

2. secret

1. password

This one real cool password I had...

[Kevin Stevens]

It used to be so great...

There was this obscure OS that no one had ever heard of... man it was cool... it was like unix on the pc... and this guy that developed it... this guy from scandanavia. You see it was really clever because it was a play on his actual name, and easy to remember.

Then... 1998 came. Its been downhill from there. I wouldnt even trust it to a hotmail account now.

You forgot...

[omarius]

0. idkfa -1. spispopd

Re:Top 10 Passwords Not to be Used

[Josh Booth]

I'm surprised "gandalf" is not there. Everyone knows that it's the password of every other root account in the world.

Guess I should change my password

[lightspawn]

I've been using that same old password from one of my favorite movies [google.com].

Of course, I use the variant spelling.

Favorites from the Real World

[angst_ridden_hipster]

Of course, none of these are very good as passwords (mostly vulnerable to dictionary attacks), but amusing nonetheless:

Mr.Root

logout

friend
friend and enter

open sesame
open tahini

open the door HAL

admit1

lemmeIN

hey,babe
what'syoursign?

Since I'm a little slow, the last two had me puzzled. It was explained to me that they were "pass words," i.e., words used in making passes.

I'm safe!

[babbage]

Woohoo! My trusty old 1234567890 didn't make the list!

/me wipes brow at his well-chosen password

An honest look at password creation

[WarPresident]

(January)
User: Tim
Password: NEWUSER

YOU MUST CHANGE YOUR PASSWORD EVERY 30 DAYS
PASSWORD MUST HAVE AT LEAST 6 ALPHA AND 2 NUMERIC/OTHER CHARACTERS
New Password: password

PASSWORD MUST HAVE AT LEAST 6 ALPHA AND 2 NUMERIC/OTHER CHARACTERS
New Password: password01

OK ...
(February)
User: Tim
Password: password01

YOU MUST CHANGE YOUR PASSWORD EVERY 30 DAYS
PASSWORD MUST HAVE AT LEAST 6 ALPHA AND 2 NUMERIC/OTHER CHARACTERS
New Password: password01

THIS PASSWORD HAS BEEN USED RECENTLY
YOU MUST CHANGE YOUR PASSWORD EVERY 30 DAYS
PASSWORD MUST HAVE AT LEAST 6 ALPHA AND 2 NUMERIC/OTHER CHARACTERS
New Password: password02

OK ...
(March)
User: Tim
Password: password02

YOU MUST CHANGE YOUR PASSWORD EVERY 30 DAYS
PASSWORD MUST HAVE AT LEAST 6 ALPHA AND 2 NUMERIC/OTHER CHARACTERS
New Password: password03

OK ...

repeat ad nauseum

Only an idiot

[chaotica1974]

Would have the password 12345 on his luggage!

How are my passwords?

[MBCook]

Lets see...

fizzlebop... OK
coodleschmidt... OK
sneedalbiz... OK
testripithia... OK
crumblehip... OK
skazeltank... OK

OK, all my passwords are safe. No one will ever guess 'em.

.

.

Crud!

Re:An honest look at password creation

[BRSloth]

Login: yes
Password: i dont have one
password is incorrect

Login: yes
Password: incorrect

Re:I keep it simple

[ConceptJunkie]

Yeah, I could have guessed that. I think a lot of people are using your /. account to post. I see that username dozens of times in every story.

I'm surprised that the classic "xyzzy" isn't in the list. Other words I would have expected to see "fred", "bofh", "windows", and "billgatescanbitemyshinymetalass".

Re:Universal Passwords

[Frnknstn]

Forgive me, but I have no idea what you are talking about. Nowhere do I claim any such thing. I do claim that 98814936052800 is greater than 321272406 (98814936052800 > 321272406).

98814936052800 is the number of all passwords with lengths from six to nine with at least one number.

321272406 is the number of all passwords with lengths from one to six, as would be picked by unregulated users.

Short passwords??

[Anonymous Coward]

The only SAFE password is a long one: http://support.microsoft.com/default.aspx?scid=kb; en-us;276304 [microsoft.com]!

Re:I keep it simple

[Brandybuck]

"billgatescanbitemyshinymetalass"

It's eery how close that is to my own password!

Uncanny!

[crawdaddy]

Numeric insecure password list: 0, 1, 1.1, 2, 5, 7, 12, 30, 110, 111, 123, 1111, 1234, 2002, 2003, 2222, 2600, 8429, 12345, 54321, 111111, 121212, 123123, 123456, 166816, 256256, 654321, 1234567, 1322222, 7061992, 11111111, 12345678, 19920706, 22222222, 88888888, 123456789, 1. 1, 1234qwer, 123abc, 123asd, 123qwe, 1RRWTTOOI, 240653C9467E45, 24Banc81, 3098z, 3ep5w2u, 4Dgifts, 4getme2, 4tas, 57gbzb

12345?! That's incredible! That's the same combination I use on my luggage!

Things To Never Use

[Piquan]

MEMORANDUM

From: Information Services

To: All personell

Re: Secure computing practices

The following, found during a routine review of our authentication system, are insecure and should never be used:

• accounting
• admin
• backup
• boss
• cisco
• congress
• death
• engineer
• ibm
• internet
• kiddie
• love
• manager
• sex
• snake
• user
• windows
• www

Avoid anything on this list. Any personell using anything on this list will be required to attend a mandatory fnord security training class, and may possibly face reprimands for repeat offenses.

no qwerty?

[Arngautr]

Yes!! qwerty wasn't one of 'em that means I'm safe, er... um, yeah....

notobvious

[richie2000]

The UUCP password for all customers on a certain large american ISP was for a very long time 'notobvious'. I still get a chuckle out of imagining how it came to be:

Technician: What should we set the password to, boss?

Boss: I don't care, just pick one that's not obvious.
Technician: Right, boss.

To be fair, it was just the password to login to the modem server, every customer had an additional real password to actually access the UUCP box behind it.

Re:Top 10 Passwords Not to be Used

[zerblat]

Don't you mean "friend [google.com]" (or possibly "mellon")?

Spaceballs

[jubitzu]

Dark Helmet: 1-2-3-4-5? That's the stupidest combination I ever heard in my life. That's the kind of thing an idiot would have on his luggage. President Skroob: 1-2-3-4-5? That's amazing! I've got the same combination on my luggage.

Re:Password rules at IBM Watson Research

[SpaceLifeForm]

'Sc0su><s'

Outdated list

[MasterMnd]

I'm thinking that pdp8 and pdp11 are not likely to be that common anymore. Perhaps this list was a bit more accurate 20 years ago.

Ah, well, now I've got to change all of my root passwords from youwontguessme to p^$$w0rd. Hey, at least it's not on the list.

Re:Top 10 Passwords Not to be Used

[Anonymous Coward]

Posting anonymously to not get myself in trouble... hi mike!

I worked with this engineer, call him mike, who had an account on a customer's machine. He was on vacation when the customer wanted a little help with that machine. The other engineer and I call mike to get his login and password to do some remote maintenance. Mike is reluctant to tell us the password. We think he's just being secretive, until he asks to be taken off speaker phone so he can tell us. His password: bigblackdonkeydick.

Sometimes password isn't so bad...