What LulzSec Logins Reveal About Bookworms, and Passwords
Barence writes "Today the hacking group LulzSec posted 62,000 hacked email usernames and passwords online. PC Pro's Darien Graham-Smith has analysed the passwords stolen — which are believed to have come from a website for writers — and found some interesting patterns. Aside from 'password' and obvious numerical patterns (i.e. '12345') the most common passwords share a literary theme: 'romance,' 'mystery,' 'shadow' and 'bookworm' are all commonly used passwords. 'Clearly, this is a back-of-an-envelope breakdown of a mixed mass of unverified data,' said Graham-Smith. 'But it gives an interesting insight into the way people choose their passwords: in this case, apparently, on a theme that reflects the nature of the site they're visiting.'"
Perhaps these are their passwords for every site, and this site just over-represents people interested in books and writing. I certainly don't use custom passwords based on the type of site.
Easy-to-remember passwords for a site that doesn't matter at all? Color me shocked. When forced to sign up for forums to ask a question about coding or tech troubleshooting, I generally use a pretty basic password and then lie about all of my personal info. That way if someone does acquire this info (and it has happened multiple times) I don't get burned. For important things like banking and Gmail, I have 2-step authentication enabled and use a strong password on top of that. Different on every site of course.
But for stuff like writers' forums, tech support sites, Slashdot (haha!) and the like? I don't use and don't care to use a strong password because, well, what's the point? You don't hear about individuals on these sites being hacked because of the insecure passwords they use. No, you hear about the administrators of these sites having their sites hacked and their userlists and passwords stolen. What good does a strong password serve on a site like this when there are gaping security holes in the OS hosting the forums?
And why, for Xenu's sake, are people still storing passwords in plaintext??
Here's a link to the passwords so you can check if your password is on there
Just search the page for your password. Chrome does a great job of this because it starts highlighting matching passwords as you type it. I just checked my passwords; none of them are on this list.
my karma will be here long after I'm gone
But it gives an interesting insight into the way people choose their passwords: in this case, apparently, on a theme that reflects the nature of the site they're visiting.
The three most popular Slashdot passwords are 'troll', 'slacker', and 'clown'.
Sheesh, evil *and* a jerk. -- Jade