Worst Passwords of 2011

22-Nov-2011

Here are the 25 worst internet passwords for 2011, as ranked by SplashData based on millions of stolen passwords posted online by hackers: 

  1. password
  2. 123456
  3. 12345678
  4. qwerty
  5. abc123
  6. monkey
  7. 1234567
  8. letmein
  9. trustno1
  10. dragon
  1. baseball
  2. 111111
  3. iloveyou
  4. master
  5. sunshine
  6. ashley
  7. bailey
  8. passw0rd
  9. shadow
  10. 123123
  1. 654321
  2. superman
  3. qazwsx
  4. michael
  5. football
Industrial Security - Firewall
It goes without saying that the majority of these are either the factory default settings, or painfully unimaginative. SplashData provided some tips for choosing passwords that are more likely to survive a brute-force password hack:
  • Vary different types of characters in your passwords; include numbers, letters and special characters when possible.
  • Choose passwords of eight characters or more. Separate short words with spaces or underscores.
  • Don’t use the same password and username combination for multiple websites. Use an online password manager to keep track of your different accounts.

Integrated Automation adds the following advice:

  • Ensure that passwords for control systems are unique for each individual, logout after a period of inactivity, and are changed periodically. We note however that it isn't always practical for a shared SCADA terminal for example to comply fully.
  • Ensure that automation networks are protected by firewalls to control traffic across all network segment interfaces.
  • Ensure that wireless systems use encryption, and try to contain spill beyond the premises by reducing signal strength, or using sectoral / directional antennas rather than omni-directional.

This article originally appeared on mashable.