Hacked Syrian Officials Used '12345' As Email Password

Nominei writes "The Israeli newspaper Haaretz reports that the Syrian President, aides and staffers had their email hacked by Anonymous, who leaked hundreds of emails online. Reportedly, many of the accounts used the password '12345' (which their IT department probably warned them to change when the accounts got set up, of course)."

Re:That's amazing

[Vintowin]

I've got the same combination on my luggage!

Came for this, leaving satisfied!! This thread will go to plaid soon.

You know...

[koan]

Every time I go to pastebin.com and look at the hacked sites the passwords are always weak, extremely weak, virtually no one uses strong passwords.

Re:You know...

[arth1]

Every time I go to pastebin.com and look at the hacked sites the passwords are always weak, extremely weak

No surprise there.

, virtually no one uses strong passwords.

Non sequitur. The published passwords are weak because that's the passwords that were easily cracked. Those who have strong passwords are underrepresented on the lists precisely because they have stronger passwords so they weren't brute-forced easily.

IT departments and well-meaning distro packagers have to take some of the blame too. I can't choose a password like Zph9vZZZ3tPseX4 because it has Z repeated 3 times, and contains a word found in a dictionary?
Fuck that then, I'll go with abcd1234 instead. Oh, and I have to change it every four weeks? Next time it will be 1234abcd, then abcd12345 and 12345abcd - catch my drift?

Re:You know...

[Dwonis]

Every time I go to pastebin.com and look at the hacked sites the passwords are always weak, extremely weak

No surprise there.

, virtually no one uses strong passwords.

Non sequitur. The published passwords are weak because that's the passwords that were easily cracked. Those who have strong passwords are underrepresented on the lists precisely because they have stronger passwords so they weren't brute-forced easily.

Sure, but every now and then, some *site* uses a poor hash, which allows people like me to do research on password strength and frequency. These results don't exhibit the selection bias you're talking about, because they're a full dump of passwords on the site. This is just for one specific site, but I found that 36% of all passwords were easily discoverable using a rainbow table, 33% of passwords weren't unique, and 1 in 72 users had the password "super123" for some reason.

I actually had a list of email addresses and their corresponding passwords for the site. I wouldn't be surprised if a lot of these passwords could also be used to get access to their corresponding GMail/Yahoo/Hotmail accounts (but I didn't test it out, because I enjoy not being in jail).

Palin Popcorn Password

[kenh]

Is this really 'hacking' when you guess the password?

Reminds me of the script-kiddie who 'hacked' into Sarah Palin's email account once he successfully guessed her password was 'popcorn'...

Wonder how he's doing in prison?

Re:12345

[flyingsquid]

If a bunch of kids could hack into Syran government email by typing "12345", you'd imagine that at least one of the big cyberwarfare or intelligence units out there- the U.S., Israel, or China- would have thought of the same trick and has already been monitoring their communications for a while. At least you'd hope so. I'd hate to think that right now there are of a couple of NSA agents looking at each other and saying, "12345... hey, why didn't we think of that?"

Re:That's amazing

[Frosty+Piss]

Why do you insult neanderthals?

Re:12345

[Culture20]

Or a couple of NSA agents looking at each other and saying "shit, now we can't read their email"