The recent Yahoo! password breach is a little unusual. Yahoo! is a big company, a web pioneer even. Yet it was apparently storing over 450,000 account login details in plain text on one of its servers. This is the sort of mistake you’re more likely to see from a startup than a company like Yahoo!. If there is an upside to all this, it’s that we get to take another look at the passwords people are using.
The breach seems to have come from a server for the Yahoo! Voices platform, formerly known as Associated Content. The login details included email addresses and the passwords used for Yahoo!’s services. Cnet’s Declan McCullagh was kind enough to sort through all the data and tabulate the top points.
Of the email addresses used, the most popular domain was Yahoo.com with over 130,000, but that shouldn’t be a surprise. Next up is Gmail at a little over 100,000. Hotmail, AOL, and Comcast follow, but there are quite a few domains.
The passwords are, as usual, sad to go over. Can you guess what the most used password from the leak was? Here’s a hint: it’s always the top password. If you guessed 123456, you are correct. Exactly 1,667 people used that password. Then there is ‘password’ as a password, which came in second with 780 uses. Ninja was used 333 times, which is definitely not stealthy like its namesake. The top 10 also contains a few more numerical repetitions and the ever-popular ‘Princess’ password.
People have been warned about password security for years now, and it still doesn’t appear to be sinking in. Stronger passwords are a good idea, but in the cases of terrible leaks like this, it wouldn’t do any good. Yahoo! has to take the blame on this one.
via Declan McCullagh
Source: Article Source