Imperva uncovers weak online password use
2010-01-21
Information security company Imperva has uncovered some weak passwords in its investigation into the 32 million passwords that were recently exposed in the Rockyou.com data breach.
The organisation's Application Defense Center has now released its Consumer Password Worst Practices report, revealing that the most commonly used password was "123456", followed by "12345" and "123456789". The term "password" was the fourth most widely used, with "iloveyou" in fifth.
Other findings from the report showed that half of the passwords identified were names, slang words, dictionary words or trivial terms.
According to Imperva, the brevity and simplicity of passwords mean many users are leaving themselves open to basic forms of cyber attack known as "brute force attacks".
Imperva's chief technology officer Amichai Shulman commented: "Everyone needs to understand what the combination of poor passwords means in today's world of automated cyber attacks. With only minimal effort, a hacker can gain access to one new account every second - or 1,000 accounts every 17 minutes.
"Employees using the same passwords on Facebook that they use in the workplace bring the possibility of compromising enterprise systems with insecure passwords."
He claimed that this problem has not changed much in the past 20 years and he pointed to a 1990 Unix study, which indicated that people were selecting similar passwords back then as they are now.
Mr Shulman added that now is the time for people to take password security seriously as it is a central first step in protecting data.
Imperva recently named some of its security predictions for 2010, one of which was that there will be more attacks on social network sites. People are less technically savvy on these websites and are vulnerable to phishing attacks and malware, the company asserted.
It also said that companies will begin to take a proactive approach to information security, rooting out issues in order to prevent data breach incidents.






