Well, the passwords themselves have been analysed by Imperva, a security firm, with worrying results.
Put simply, the level of password sophistication uncovered is dangerously low.
The most commonly used password on these accounts was – wait for it – the old chestnut: “123456”.
Followed by, in second place, “12345”. Sigh…
Simple strings of numbers, and passwords such as “password” or “qwerty” were also relatively common. As was the name of the site, “rockyou”.
We’ve no idea how many people used the password “I am an idiot please compromise my account”, but we suspect it might be a few.
The Imperva report also found that 30% of users had a weak password length (six characters or less), and almost 50% used names, slang words, or consecutive strings of numbers or characters as we’ve already mentioned.
Only a mere 0.2% of users could be considered to have a strong password (eight characters or more, with a mix of symbols, numbers, and different case letters).
What’s worse still is the fact that people will re-use these passwords for all their online accounts, giving a hacker access to everything in one fell swoop.