CENTRAL IT SALES SERVICES NEWS PRODUCTS HOSTING SUPPORT CONTACT
item6

Click here to receive our newsletter and special offers delivered direct to your inbox.
item6a1
item3a
item3a

Report a Problem

Check on a Request

Knowledge Books

System Status

Latest News

Repair Extension Programmes

Download Remote Software

 item3a
item3a
item6a1b

Blog Archive

Wednesday 6 November 2013

123456: Millions of Adobe hack victims used horrible passwords


The hacking of Adobe that compromised tens of millions of accounts is no joke, but at least we can enjoy a little dark humor over users' predictably awful passwords.

The passwords were posted by Jeremi Gosney of Scricture Group, and reported by The Register.
Gosney noted that the list can't be verified in the absence of Adobe's encryption keys. But he said that with Adobe “choosing symmetric key encryption over hashing, selecting ECB mode, and using the same key for every password, combined with a large number of known plaintexts and the generosity of users who flat-out gave us their password in their password hint,” he's fairly confident in the list.
Here are the 20 most common passwords, followed by the number of Adobe users who used that password:
  • 1. 123456 - 1,911,938
  • 2. 123456789 - 446,162
  • 3. password - 345,834
  • 4. adobe123 - 211,659
  • 5. 12345678 - 201,580
  • 6. qwerty - 130,832
  • 7. 1234567 - 124,253
  • 8. 111111 - 113,884
  • 9. photoshop - 83,411
  • 10. 123123 - 82,694
  • 11. 1234567890 - 76,910
  • 12. 000000 - 76,186
  • 13. abc123 - 70,791
  • 14. 1234 - 61,453
  • 15. adobe1 - 56,744
  • 16. macromedia - 54,651
  • 17. azerty - 48,850
  • 18. iloveyou - 47,142
  • 19. aaaaaa - 44,281
  • 20. 654321 - 43,670
Of course, “123456” and “password” are at the top of the list, as they so often are. And whoever used “macromedia”—a throwback to the origins of Flash and Dreamweaver—probably thought they were being pretty clever.
If you're scratching your head over the apparent stupidity of the Adobe-using public, take comfort in the fact that the top 20 passwords only account for roughly 3 percent of the 130,324,429 Adobe user accounts Gosney was able to obtain. The vast majority of people are using passwords that are at least somewhat unique.
Adobe confirmed the security breach on October 3, revealing that hackers stole 2.9 million encrypted credit card numbers and expiration dates. A few weeks later, Krebs on Security reported that hackers stole login information for at least 38 million active users, and possibly more than 150 million total accounts (including inactive IDs and test accounts).
Hackers also made off with some of Adobe's source code for programs including Photoshop. Security experts have warned that the theft could reveal Adobe's vulnerabilities and security schemes, leading to a new generation of malware, viruses and exploits. Laugh it up while you can.

DON'T-MISS STORIES

item6a2a2

Copyright © Central IT Services Ltd

bannernews
CENTRAL IT SERVICES NEWS PRODUCTS HOSTING SUPPORT item6a2a2