Skip to main content

Hotmail Phishing Scandal Shows Most Common Password Is 123456

A detailed analysis of the list of Hotmail passwords that were leaked on Pastebin.com showed that the most commonly used password is the string "123456" which appeared 64 times in all.

According to Bogdan Calin, chief technology officer at web application security company Acunetix, who got hold of the list before it was pulled from the developer code sharing website, only 90 percent of the valid passwords unique.

Interestingly, most of the names in the top 20 most common passwords in the lot were Hispanic ones which lead Mr Calin to believe that the phishing kit which collected the names was targeting the Latino community.

More than half the passwords had a character length of 9 or less with only six percent mixing alphanumeric and non-traditional characters together, a combination which is considered by security experts to be the most secure.

The passwords were collected using widespread phishing techniques that include sending "security" emails asking customers to re-enter their login details, sending fake instant messaging invites to new services or impersonating someone in the victim's network.

Our Comments

Finding a good password is not a problem but remembering it and making sure that you don't use it on other websites is infinitely more difficult. And this latest password fiasco proves that having a great password doesn't make someone any less dumber.

Related Links

Statistics from 10,000 leaked Hotmail passwords

(The Register)

Your Password, '123456,' Sucks

(PCPro)

Hotmail phish exposes most common passwords

(Tomsguide)

Top passwords are revealed

(eCommerce-Journal)

Leaked Hotmail Data Shows Poor Choice Of Passwords

(Internetnews)

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at ITProPortal.com where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.