The most popular phone passwords. Complex passwords for VKontakte

The other day, the news spread all over the internet that someone had stolen the passwords and logins of VKontakte users, and then carefully posted them in a Word file for everyone to see. It’s interesting how webplanet.ru analyzed this information. Read and change your passwords :)

From the article:
... The main sign of fading mental abilities can be considered the number of unreliable passwords. 1,344 people (or 3.36 percent of 40 thousand unique users) protect their personal data not only with simple, but also with common passwords (we classified as common those that appear more than 10 times).

Here are the twenty most popular of them:
Password Quantity Percent
123456 134 0,34%
123456789 85 0,21%
qwerty 85 0.21%
111111 51 0,13%
1234567890 41 0,10%
7777777 39 0,10%
123321 34 0,09%
666666 33 0,08%
1234567 31 0,08%
123123 29 0,07%
12345678 26 0,07%
qwertyuiop 26 0.07%
qazwsxedc 25 0.06%
000000 23 0,06%
love 23 0.06%
555555 22 0,06%
zxcvbnm 22 0.06%
654321 19 0,05%
gfhjkm 19 0.05%
1q2w3e4r 18 0.05%

Note 1: In case anyone hasn't guessed, "gfhjkm" is the word "password" typed in the Latin keyboard layout. Many people consider this technique to be very cunning.

Note 2: The vigilant administration of the resource has for some time now prohibited changing passwords to purely digital ones, however, creating new accounts with such passwords is still allowed.

A few words about the main disease of Internet addicts - copypasting. Let us recall that in the social network we are considering, email addresses are used as logins. So, for 343 users (0.86%) the password is identical to the login on the mail service (i.e., the part of the postal address before the “dog”), and for another 67 people (0.17%) the password completely matches the login (i.e. that is, the entire address, including the “dog” and what follows it).

Who was that smart guy who said that holy simplicity is worse than theft?

Where is his button?

I would like to say something special about one of the popular passwords that is not included in the TOP 20.

On the settings page, in the section for changing the user password, the administration posted the following simple instructions:

Make sure the CAPS-Lock button is not enabled
The password must be at least 6 characters long
Even better - use both letters and numbers
"kNOpKA" and "knopka" are different passwords

As you would expect, 16 people out of 40 thousand (0.04%) chose the word given in the last line as their password. Of these, 12 used the "knopka" option, 2 - "knopka" and 1 - "KNOPKA". Another advanced girl set herself a password “ryjgrf”, that is, “button” in the Latin layout.

It would seem that 0.04% is an insignificant figure. However, on the scale of the entire service, this is no longer 16, but 15,600 accounts. And this key was carefully placed into the hands of the attackers by the administration itself!

Call me, call me!

More than seven thousand passwords in the database under consideration are completely digital sequences (considered non-secure), of which at least a thousand (that is, more than 2.5%) resemble telephone numbers to one degree or another. It's worth noting that we only looked at seven- and ten-digit numbers, so this figure may be a significant underestimate. Add to them 237 11-digit passwords starting with “80” (healthy bulls, shanovny Ukrainian friends!) and another dozen telephone passwords starting with “+”. Considering that VKontakteers eagerly publish telephone numbers on their personal pages, and that telephone databases are not so difficult to buy, such passwords cannot be considered reliable.

Not bad? But we haven’t said a word about love yet.

Love will open all the bolts

“Love” in one form or another is present in 332 passwords (0.83%). This also included the words “love”, “beloved”, “beloved” and their combinations with proper names. If the figure of 0.83% does not impress you, add here an incalculable number of passwords with the names (in particular, nicknames, surnames and initials) of your beloved girl, beloved boy, and also your beloved self.

Among the passwords with names, there are such cryptographically strong ones as “lyublyuserezhu”, “LastNameName” and even “pusenka” (for an email address starting with “pusya”). Let us remind you that the name of your beloved or loved one, not to mention the name of the person himself, can be easily taken from the personal data directly on the site.

Sorry, birthday...

Another type of commonly used insecure password is dates. Indeed, it is much more difficult to forget a password if it coincides with someone's date of birth. In the database we studied, we counted at least 1,200 passwords (3 percent of the total) in formats like HHMMYYYY and YYYYMMHH.

Information about the date of birth of the user or his immediate environment is often open for review. Moreover, the service warns the user’s friends a few days in advance about the approaching holiday. If the date of birth is still hidden, you can try to find it in the same telephone databases.

To be fair, we note that it is quite possible to create fairly strong passwords using your date or year of birth. It is enough to add a few letters before, after or between the numbers. According to our estimates, about 0.5 percent of users do this, although some of them spoil the whole thing by adding their name instead of random letters.

They calculated - they shed tears

Total we have:
Common passwords 1344 3.36%
Estimated phone numbers ~1300 ~3.25%
“Love” (minus what is included in paragraph 1) 309 0.77%
Match email address
(before "dog" or completely) 410 1.02%
Dates of birth (20th century only) ~1200 ~3%

Thus, in total, we have up to 11.4 percent of passwords that anyone can crack, provided that he knows the user’s email address, has access to his personal data and is willing to spend five minutes of his precious time.

Add to this passwords that coincide with proper names (which we were too lazy to count, but we are talking about ten percent, no less) and digital passwords that can be quickly cracked with elementary brute force (their share, minus phone numbers and dates, is about 11 percent) - and you get a depressing picture.

The situation is aggravated by the fact that the rules of the service require the user to lay out all the ins and outs about himself. The presence of such a mass of personal information in the public domain is simply a holiday for a potential hacker.

Disclaimer

Of course, during the calculation process we made a number of assumptions. And the base under study cannot in any way be called absolutely reliable. For example, some users clearly could not remember their passwords and simply tried to guess them. And a few smart users, to their credit, actually used the login-password form to send phishers on an erotic journey on foot.

The sample itself, despite its very decent size, also cannot be considered completely representative, since we are talking only about users who, firstly, managed to catch the infection, and secondly, guessed to give their passwords into the wrong hands - that is, about people , notoriously naive in matters of security.

However, having looked at other similar studies conducted in various parts of the world (Google can help you, if you like), we would venture to suggest that in our conclusions we underestimated the scale of the tragedy rather than exaggerated it.

2015 began with Julia writing some materials for paranoids. I have no idea how this happened. But since it’s in the cards, today I will share with you information about the most popular user passwords in the past year. And if among this set of numbers and letters you find yours, know that it’s time to change it urgently!

And despite the fact that the digital blog “123456” still holds the palm in the list of the most not only bad, but common, and therefore unreliable passwords, the company SplashData has published its annual list of objectionable passwords. On January 20, the company’s speakers gave a presentation in California, and it seems to me that it was both witty and very serious. Surely, when they saw the list of the most popular passwords, security specialists laughed very loudly at human naivety. In order to keep your information safe and your e-wallets locked, you don’t have to get fancy devices. Just use passwords. And not the simplest. And you don’t need to set the same password for all accounts, from unlocking your computer to your Facebook account.

Actually, the list of the 25 most popular passwords looks like this:

123456
12345 – became more popular by 17 (!) points
12345678
qwerty
123456789
1234 – became more popular by 9 points
baseball – new
dragon – new
football – new
1234567
monkey – became more popular by 5 points
letmein
abc123 – has become less popular by 9 points, which is good
111111 – became less popular by 8 points, that’s good
mustang – new
access – new
shadow
master – new
michael – new
superman – new
696969 – new
123123 – became less popular by 12 points, that’s good
batman – new
trustno1

Using one of these passwords to protect your device is the same as if you didn’t put any password on it at all. During the year, more than 3.3 million passwords were leaked. And the user error report was actually based on this data. The 25 most used passwords account for 2.2% of unsecured passwords. And, as Mark Burnett, a security specialist, notes, this is the lowest percentage in the company's four years of operation.

if it is not possible to protect your gadget with a fingerprint, use a password. Always use it.
If you have many accounts and devices that require a password, do not set the same one for everyone. It is better to use a data storage application service, PasswordBox for example.
Do not use digital passwords exclusively. It is better that it contains letters, numbers, signs, and also in different registers.
passwords based on simple keyboard patterns (such as QWERTYUIOP or 1QAZ2WSX) are very easy to calculate, they are wildly popular because they are remembered by mechanical memory.
do not use your hobbies when creating passwords - football and baseball are new words this year, but still.
say “NO!” year and date of birth in your password. And also the dates of important days in your life, such as the birth of children, third divorce or mother-in-law’s birthday.
do not use the names of family and friends.
and yes - the names of popular artists and athletes, names of brands and films, as well as popular expressions are also included in the list of “bad” passwords, albeit in a more extended version.

So be vigilant and creative. And if you are too creative, and there are so many accounts that you can’t remember them all, write down the passwords in a document called “DOCUMENT WITH IMPORTANT PASSWORDS” and everyone will be happy! (of course not). Nothing was said about this in the report, but I will still clarify - write down passwords for a bank card in a notebook that you constantly carry with you, take photographs and store in the gallery, write on a napkin and stick it on the refrigerator or on a business card and put it NOT WORTH it in your wallet. For this, there are password messengers or limitless palaces of the mind where they should be stored. And if you haven’t looked yet, we reminded you of a couple of basic rules of conduct on the Internet that we sometimes forget about:

Imagine: someone could break into your apartment in real life, or even worse, get into your head, read or change your thoughts. Good prospect? Would you try to protect yourself from it?

Accounts on websites, social networks, programs are your electronic identities, and passwords are the only way to protect them from external influence. But the vast majority of people do not give them even a fraction of respect. Statistics have shown that the most popular passwords in Russia are so simple that even a child can open them.

What not to do

This article, of course, was written not for self-taught hackers, but for the most ordinary users. They should know what such passwords look like and avoid them at all costs. There are a few simple rules of what not to do if you want to keep your accounts intact. Otherwise, you will then have to apologize to friends and colleagues for sending spam and viruses. Here are the most important rules:

One account – one password. Passwords must be different for different accounts. Using one is a good help for burglars.
The longer the better. The password must be at least 8 characters long. Better - more than 10. Or 12.
There is strength in diversity. A strong password should combine not only numbers, but also letters and symbols. If possible, it is worth changing the register. Remembering this, of course, is more difficult, but also hacking.
What is written with a pen... The worst idea is to write down the password on paper and store it in your wallet or near your work computer. If you are unable to keep several combinations in memory, then it is better to use special programs to store them.
If a password has meaning, it is meaningless as a password. The sacramental “mother’s maiden name”, “first pet’s name” and other standard options - with social networks and blogs, their protective ability has become extremely low.

The rules, as you can see, are quite simple, but few people follow them. At least that's what the statistics say.

What are most often used as passwords in Russia?

Did you come up with your password this way too?

Only a small part of users use combinations of symbols, as expected. Others use meaningful passwords. And in Russia the following groups are most often used:

Date of birth. It is clear that it is impossible to forget your date of birth, but it is not difficult to find it. Some cunning comrades remember their children, parents, husbands/wives. A little more interesting, but also ineffective.
Phone number. The length of such a password is its plus, but the lack of symbols, and most importantly, the easy ability to find it, is a big minus.
Pet name. Very popular passwords, easy to remember, but just as easy to crack.
Combinations of numbers and letters located next to each other. Very common passwords, we will talk about them separately later.
Logical. To many people, the password “password” seems like an original and witty solution. The burglars are very grateful to them for this.

And there are quite a lot of similar examples. The most common passwords are neither elegant, nor original, nor resistant to malware and programmers.

The most common options in Russia

As already mentioned, most often users in Russia simply use combinations of buttons located nearby. This, of course, reduces the time it takes to come up with, remember and enter a password. But it makes hacking your account just as easy. Often, attackers only need to sort through a dozen of the most common keys to find the right one. Such lists are obtained by analyzing the databases of accounts on visited sites. And here is one example:

12345
123456
11111
55555
77777
qwerty
111111
00000
666666
123456789
123321
1234567
123123
gfhjkm
7777777
qwert
22222
555555
33333

Interestingly, such passwords are popular in Russia. In other countries, a similar list would look slightly different:

password1
abc123
myspace1
password
blink182
qwerty1
fuckyou
123abc
baseball1
football1
soccer
monkey1
liverpool1
princess1
Jordan23
slipknot1
superman1
iloveyou1
princess1
Jordan23

If, by an absurd chance, you see your password in this list, we advise you to change it immediately. Of course, if you want to protect your personal data from intruders. If not, put the password “123456” on your WebMoney wallet and check your luck.

Only at first glance, impenetrable passwords do not contain a logical structure and look like gobbledygook. Complex passwords are such only for those who do not know the recipe for creating them. You don't have to remember letter cases, numbers, special characters and their order. All you have to do is choose a memorable one and follow simple tips for creating strong passwords.

Nursery rhymes

We take any children's rhyme or counting rhyme as the basis for the password. It is advisable that it be found only in your area and not be generally known. And better than your own composition! Although any children's rhymes will do, the main thing is that the lines are firmly stuck in your head from a young age.

The password will consist of the first letters of each word. Moreover, the letter will be written in uppercase if it is the first in the sentence. We replace some letters with numbers similar in spelling (for example, “h” with “4”, “o” with “0”, “z” with “3”). If you don’t want to get too confused with replacing letters with numbers, look for a counting rhyme that already contains numbers. Don't forget about punctuation marks that separate words and sentences - they will come in handy.

Example:

The turtle has its tail between its legs

And she ran after the hare.

Got ahead

Who doesn't believe it - come out!

We replace the letters “h”, “z” and “o” with similar numbers. The second, third and fourth lines begin with capital letters and are therefore written in uppercase. Include four punctuation marks. Of course, we write in Russian letters, but on the English keyboard layout.

The 17-character password is ready! It may not be perfect because it contains repeated characters and consecutive lowercase letters and numbers. But to call it simple is certainly hard to come by.

Favorite sayings

The scheme is similar to children's counting rhymes. Only as a basis you take your favorite and very memorable phrases of thinkers, celebrities or movie characters. You can complicate your life somewhat by replacing the letter “h” not with “4”, but with “5”, for example. There can never be too many confusing maneuvers!

Example:

I found out that I have

There is a huge family:

River, field and forest,

In the field - every spikelet...

Replace the letter “h” with “8”, do not forget about upper case and punctuation marks.

Ze,8evTjc^H,g,bk,Dg-rr…

Jargon and terminology

This implies the use of professional jargon that is understandable to an extremely narrow number of people. These words are much more distant from the average person than the criminal sayings that are widely covered on television and the streets of any city.

For example, you can use a hospital discharge or a tricky medical definition.

Example:

Cyclopentaneperhydrophenanthrene is a 28-letter term. It turns out to be a bit long, so I propose to throw out the vowels and dilute the remaining consonants with upper case.

Memorable dates

Of course, your birthday or the day you start your married life is not the best basis for a password. The event should be of exceptional importance, and only you should know about it. For example, this could be the day you ate gum for the first time, ran away from class, or broke your heel. Since the password will be based on numbers, it would be a good idea to mix them with letters.

Example:

10/22/1983 and 06/16/2011

Replace the dots separating the day, month and year with any letter, for example the small English “l”, which is very similar to the quite often used separator “/”. Between dates we will put an underscore character “_”. Let's replace the zeros with the letters "o".

Visual Key

Use the smartphone unlocking technique on your keyboard as well. Think of any shape and “slide” your finger along its contours.

Don't forget to go through the numbers, change the horizontal and vertical direction of movement. And, unlike me, be imaginative!

Conclusion

The proposed methods for creating a password that is memorable, but at the same time quite difficult to understand, can be changed and combined at your discretion. It is enough to think about your super password once, and you can use it in the presence of a stranger without fear.

How do you choose your password?

In this material we will talk about Wi-Fi Internet. About there, how you can use the Internet for free by connecting to third-party Wi-Fi points.

So, as you know, Wi-Fi Internet is very popular nowadays and now almost every apartment has a router that allows you to connect wirelessly to the network and use the Internet with the same quality as if it were on wires.

Wi-Fi networks can be either open or encrypted (with a password). Finding an open Wi-Fi access point with the Internet is simply unspeakable luck. But not everyone is so lucky and not everyone has the opportunity to use the Internet, and that is why we wrote this article.

If you want to connect to the Internet using someone else's Wi-Fi connection at the point where you are, then we can help you with some tips and instructions.

To begin with, it’s worth mentioning that if you just want to find a Wi-Fi Internet access point somewhere near you, then:

1. Try to find large cafes, bars, etc., since in such establishments the Internet is often distributed through an open Wi-Fi access point.

2. Try using the program WiFi Map for Android or IOS. It will show you the passwords to all closed Wi-Fi points that are located near your location.

Well, if you, for example, live in an apartment where Wi-Fi points are available, but they are closed, and you want to be able to access the Internet, that’s a different matter.

1. Very often you can agree with the owner of a Wi-Fi point about its use by you. You can do it for free or pay some money and the owner will give you the password.

But how can you determine where the owner of a Wi-Fi access point lives?

You can do this by monitoring the network signal level. If the signal in your apartment is good enough, then most likely the owner of the point is one of your neighbors, so you can go to them. Do not forget that this could be a neighbor above or below in multi-story buildings.

You can also focus on the name of the network. Very often, users leave the network name unchanged, and it usually contains the apartment number. For example, MTS_47- Most likely this is the access point of the owner of apartment 47 of your building.

2. You can choose a Wi-Fi password manually. To do this, you will need a list of the most common Wi-Fi hotspot passwords:

12345678

1234567890

0987654321

0123456789

qwertyuiop

INTERNET

11111111 (eight units)

1111111111 (ten units) *Instead of units, the numbers 5 or 7 are often used.

/*The owner's phone number is a fairly common password*/

3. When selecting, you can use a third-party program to make your work easier.

For Wi-Fi brute force (WiFi BruteForce) we highly recommend this program. It checks all passwords from the pass.txt file, which contains the most common numeric passwords.

There are many programs like Aircrack-ng And CommView for Wi-Fi, which can be used to decrypt passwords. But all this is done in just a few steps.

There are also good programs on this topic for mobile devices. For example, on Android you can download WIBR+.

4. You can also again use the Wi-Fi Map program, which we wrote about above. It's unlikely, but it's possible that the program has a password for one of the access points available to you.

5. If your hands grow from the place where your hands should grow, then you can get a little confused and get a very impressive result. We are talking about creating a simple but effective Wi-Fi antenna that could have access to all points within a radius of several kilometers. The video will tell you more about this:

We hope we have helped you in this matter.

Remember hacking anything is good, therefore this article is only theoretical in nature - test all of the above on your WiFi network. You can also use the knowledge gained for your own benefit - by protecting your network with a more secure password.