this post was submitted on 22 Nov 2025
67 points (98.6% liked)


Seven years since our first top 200 common passwords list, we’ve witnessed how credential trends have changed — and what has remained the same. Each year, we rediscover people’s tendency to opt for weak passwords that prioritize convenience over security.

However, this year, we decided to ask ourselves: How do different generations treat their password use? From the silent generation to the “zoomers,” we analyzed which passwords are the most common among different user groups. As it turns out, bad password habits are trendy no matter how old you are.

[–] thingsiplay@beehaw.org 13 points 1 week ago (3 children)

Looking at the different countries is also funny. The only password I'm not surprised about is admin, because that's probably the default for most devices maybe? Unless the user changes it manually.

But my question is, are these only "hacked" passwords? Because those who are not hacked, you don't know what passwords they have. So this is a bit of bias here, right?

[–] t3rmit3@beehaw.org 7 points 1 week ago (1 children)

> But my question is, are these only “hacked” passwords? Because those who are not hacked, you don’t know what passwords they have. So this is a bit of bias here, right?

No, that's not how these are obtained. Password dumps are from attackers breaching a site's user database and dumping their credentials, usually by phishing administrators' logins. Attackers aren't brute-forcing passwords anymore except on a one-off, very rare basis. Here's a list of publicly-known password dumps, and you can see details about where they came from: https://haveibeenpwned.com/PwnedWebsites

[–] thingsiplay@beehaw.org 5 points 1 week ago (1 children)

Ah right, that makes sense. I know that site, but didn't think of it. I know, not the smartest in the town.^^

I also wonder if people do more secure passwords for important services. Or do they treat it the same? My parents always used their birthday as password, so they do not forget it. Which is not much more secure than 1234.

[–] t3rmit3@beehaw.org 3 points 1 week ago

> I also wonder if people do more secure passwords for important services.

In my experience, most people have at most 2-3 passwords, and some do choose a "more secure" one for things like banking and work. Very few people use a password manager.

[–] Creat@discuss.tchncs.de 5 points 1 week ago

Thankfully this isn't allowed for new devices being sold in the EU anymore. They are required to have a per-device individual password now. Hopefully this effectively causes the practice to at least become much less common globally. After all, if you've set up the needed manufacturing steps, there's little sense in skipping them depending on a target region.

[–] smeg@feddit.uk 4 points 1 week ago

You didn't fill in the survey when the password inspector sent you that email? Rude!