A week ago I wrote about the analysis of the Gawker passwords. Now Troy Hunt has provided a similar analysis based on the SonyPictures.com compromise. He looked at 37,608 accounts from the LulzSec torrent and analyzed the passwords for
- Length
- Types of characters used
- Randomness
- Reuse of passwords between accounts
You really should head over to Hunt’s blog and read the article—there are lots of interesting results.
Sadly, all our favorite passwords are there, although seinfeld beat out password for first place and 123456 came in fourth. Like the previous Gawker analysis, Hunt’s results are alarming. Companies are going to have to start doing more to increase password safety. It’s a sure thing that the users aren’t going to.
You may remember that I’ve written about Hunt’s work before on my old blog. If you didn’t take my advice then and read his series of posts on passwords, you should do so now—he has a lot of useful things to say.