Skip to main content

A Security Researcher Just Dumped 10 Million Real Passwords



Security researcher Mark Burnett released a torrent of 10 million passwords and usernames, a trove of comparatively anonymized data that he sourced from open websites from around the web. The passwords and usernames are older and most probably dead and, most importantly, Burnett sourced them from websites that were “generally available to anyone and discoverable via search engines in a plaintext (unhashed and unencrypted) format and therefore already widely available to those with an intent to defraud or gained unauthorized access to computer systems.”

Why did he do it? Password behaviors are opaque. No one knows why we choose certain passwords over others nor do they have any way of assessing the relative strength of passwords on the web. While corporations like to say their password databases are secure, how do we know? And how can they be secure when the most popular password is “password?”

Burnett writes:

Frequently I get requests from students and security researchers to get a copy of my password research data. I typically decline to share the passwords but for quite some time I have wanted to provide a clean set of data to share with the world. A carefully-selected set of data provides great insight into user behavior and is valuable for furthering password security. So I built a data set of ten million usernames and passwords that I am releasing to the public domain.
You can download the trove here.

It is interesting to note that Burnett had a great deal of trouble deciding whether he wanted to release these passwords. Because the law is often opaque regarding technical issues and legislators are ignorant when it comes to the same, people like Burnett are actually afraid to publish their research. The jailing of a journalist named Barrett Brown is one step in the long road towards self-censorship in matters of security and that can’t be the case.

So download those passwords and figure out just where you’re going wrong. I, for one, will never give up my super secure password of “ILovePizzaAndBeerLakers2015!”
Labels:

Comments

Post a Comment

Popular posts from this blog

How To Hide Text In Microsoft Word 2007, Reveal It & Protect It

Sometimes what we hide is more important than what we reveal. Especially, documents with sensitive information, some things are supposed to be ‘for some eyes only’. Such scenarios are quite common, even for the more un-secretive among us. You want to show someone a letter composed in MS Word, but want to keep some of the content private; or it’s an official letter with some part of it having critical data. As important as these two are, the most common use could involve a normal printing job. Many a time we have to print different versions of a document, one copy for one set of eyes and others for other sets. Rather than creating multiple copies and therefore multiple printing jobs, what if we could just do it from the same document?  That too, without the hassle of repeated cut and paste. We can, with a simple feature in MS Word – it’s just called Hidden and let me show you how to use it to hide text in Microsoft Word 2007. It’s a simple single click process. Open the docum...
1 comment
Read more

Build Your Own Awesome Personal 3D Avatar with Avatara

Do you use social networks and want to build your own awesome 3D avatar? Maybe you want to send someone a cute cuddly image of yourself (kind of)? Or maybe you have your own ideas of what you would do with an Avatar… Well look no further than Avatara which I discovered from the MakeUseOf directory . You can create 3d avatars out of pre-set up templates or create your own from scratch. To start, visit Avatara’s homepage . You will see this screen: Click Get Started to umm, get started! That will take you to this screen: You see that you can build your own Avatar using an uploaded head shot like the Obama one above (just an example, guys). Or roll with one of their awesome avatars. I chose to start with a blank avatar by clicking Start with a blank avatar at the bottom of the screen. That takes you to here: I clicked on the filter at the top and told it to filter out everything but male characters and then I saw this: I rolled with Buck and continued. You need to click Select...
1 comment
Read more

Ex-Skypers Launch Virtual Whiteboard Deekit

Although seriously long in the tooth and being disrupted by a plethora of startups, for many years Skype has existed as an almost ubiquitous app in any remote team’s toolkit. So it seems apt that a new startup founded by a team of ex-Skype employees is set to tackle another aspect of online collaboration. Deekit, which exits private beta today, is a virtual and collaborative whiteboard to help remote teams work smarter. The Tallinn, Estonia-based startup is headed up by founder and CEO, Kaili Kleemeier, who was previously a Head of Operations at Skype. She and three colleagues quit the Internet calling giant in 2012 and spent a year researching ideas in the remote team space. They ended up focusing on creating a new virtual whiteboard, born out of Kleemeier’s experience collaborating with technical teams remotely, specifically helping Skype deal with incident management. “Working with remote teams has been a challenge in many ways – cultural differences, language differences, a...
Post a Comment
Read more