Typical passwords
 

So I made a website for (someone) and gave them a really complicated password to edit the site. I told them yes, complicated is better. They (ahem: she) said (not asked) that she wanted a easier password to remember, and gave me the password she wanted.

Whatever, her site. I can advice her, I can't force her.

Today while leaving the parking lot I notice her password...is on her bumper sticker.

Whatever, her site...

If your dentist, doctor or whatever says "I suggest this/that", how many of you say "No, do this instead"?

I use password for all my passwords. Its easy to remember.

i use letmein/letmein for most things- if it's something more important like online banking i use asdf/asdf

my password is : fuckyou

I use song and band names with some of the letters made in numbers to keep it challenging.
an example, but one I don't use would be 3m1n3m

i'm not telling )

plenty of good pw site managers out there. they can generate secure PW's too.

same here.,
1 of my friend uses password as password . . . wtf
but there is very easy method for maintaining lots of websites account with different password is , use the domain as password for each site., so u dont need to remember one.,

I have a list somewhere or the most used usernames and passwords. We where doing research on hackers and came across a brute force script with them.

Hey geek! I got my Facebook back. Re-add me! :)

top passwords are always 12345, 1234, password, qwerty, iloveyou, shit like that ....

top bank card pins are 1234 and birth year as well.

Almost as bad are people in unsecure environments that have their passwords on a sticky on the monitor.

You might want to educate her a bit more. It is only a question of time before someone hacks her, and when that happens, she will blame YOU for delivering an unsecure and poor product and tell all her friends about it.

Example:
"I got a website made by camperjohn64. But someone was able to hack it one week later. Fortunately, the nice guys at company XYZ came to my rescue, and remade the entire site from scratch. Now it works perfectly. I am so happy that I changed company."

"Password" is the best password. It's impossible to crack it..

LOL @ Idiots using 'password'...

Its passw0rd - The zero instead of the 'o' means you have a number in it! & you call yourselfs webmasters? Gee, I dunno...

:1orglaugh i use username for password :)

If she wont have something like sASp8Xe9Ru for never being able to remember it I have had more success with persuading people to have a sentence they can remember instead.

i am a complete spacker that can't remember passwords = iaacstcrp which at least isn't a word.

just tell her to put last two numbers of her birth year inside her sticker password, she is safe and she can do it ...

If I found a site using "password" as the password I would change it to something really hard to remember so the smuck would have to change it again by requesting it from the site LOL . . .

Nice, except that GRC.com might have your "unique" secret password somewhere in their logfiles.

But could be OK if you are just looking for an alternative random salt-generator.

User Name: dumb_shit
Password: password

You've just compromised my GFY account!

Yep I have had that same conversation a few times.

My passwords are usually very long, and different each time...

Most of the passwords being stolen these days are from password sniffers - they have gotten really good at stealing user/pass combos. The password "guessing" programs are gone and have been replaced with password sniffers. From speaking to others the best thing to do is use SSL with sessions if you want to keep things locked down. Your employees weak password is more likely to get sniffed out than guessed.

how do password sniffers sniff out user/pass combos to a particular paysite?

how do password sniffers sniff out user/pass combos to a particular paysite?