'Phished' Password list:- A quick analysis

Filed Under: Malware, SophosLabs, Vulnerability

The Disney song "The Wonderful Thing About Tiggers" has the lyric:

I'm the only one!
I-I-I-I'm.....the only one!

Except, it seems when we are talking about passwords in the latest list of 'phished' * passwords. Thanks to the people on Neowin the blog for pointing me at the data. After a quick analysis of the list, some of the most popular passwords are:

neopets
123456
monkey
123321
tigger
password
princess
pokemon
kitty
casper
123456789
neopet
anime
iloveyou

As well as being insecure, these passwords suggest a preoccupation with children's popular culture. I would advise that parents not only change their passwords and check their computer security, but that they also ensure their kids' change their passwords on their email accounts as well as any online forums they belong too.

* There is some debate in SophosLabs about these recent password lists as to whether they are the result of traditional spam phishes or other things.

Personally, I think that this data is a combination of

  • some phishing emails
  • keylogger data
  • and a rogue social networking application phishing information

However this password list was compiled, all users should follow a password routine.
http://vimeo.com/moogaloop.swf?clip_id=3546084&server=vimeo.com&show_title=0&show_byline=0&show_portrait=0&color=ffffff&fullscreen=1
Simple tips for better web password security from SophosLabs on Vimeo.

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s