Analyzing 20,000 MySpace Passwords

Rub3X writes "Author found 20 thousand MySpace passwords on a phishing site and did some tests on them. They were tested for strength, length and a number of other things. Also tested was the most popular password, and the most popular email service used when registering for myspace."

Already Unreachable

[CycleFreak]

Site reports the account has exceeded its CPU quota. Hmmm ... Already ?

Real Passwords?

[neochubbz]

Who is to say these people didn't just use bogus passwords?

-Chubbz

Wrong crowd to analyze

[sachu]

I think the analysis is just one-sided, as all the passwords are coming from a phishing site. Thus coming from people who are not really internet savvy and that's why most of them have ridiculous passwords!!

Flawed logic

[jimbo3123]

Ok, a number of you have pointed out that this list is not representative of Myspace users because it came from a phishing site.

You make the assumption that there is another class of myspace user that is smart (at least smart enough to recoginze it as a phishing site or to avoid being phished at all).

From the massive amounts of stupid crap I've seen so far on myspace, I would say that you're making a pretty big assumption.

Aren't we overlooking something here?

[Terragen]

Does it really matter how secure a password is if the user is susceptible to phishing?

So what if the analysis shows that 99% of MySpace passwords are "very secure" - all of the passwords in question were obtained through phishing so the accounts have been compromised regardless!

It's like forcing people to change their passwords so often that they resort to writing them on post-it notes on their monitor. Security is more than just the strength of your password.