
The Crazy World of Passwords: To “@” or to “!”


I did an open day at my university on Saturday, and part of this was a fun Mentimeter test on passwords. As with every talk I have given on this, the majority used a single upper-case character, put the number at the end, and used “!” or “@” in their password. This pattern is well known to tools such as Hashcat, where rules can be set up to take standard dictionary words and add them together, while making the first character upper case and adding a numeric value, and “@” or “!”, to the end of the password.
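One defensive use of this observation, as an added example that is not from the original post: a password-policy check that reverses the mangling described above (capitalised first letter, appended digits, trailing “!” or “@”, up to two dictionary words joined) and rejects any candidate that reduces to dictionary words. The wordlist, the function names and the sample passwords are constructed for illustration.

```python
import re

# Constructed sample wordlist (assumption); a real policy check would load a
# large dictionary plus known-breached passwords.
WORDLIST = {"summer", "dragon", "edinburgh", "monkey", "blue", "sky"}

# Letters, followed by any trailing run of digits and "!" / "@".
SHAPE = re.compile(r"^([A-Za-z]+)([0-9!@]*)$")

def split_words(stem, words, max_parts=2):
    """Return the dictionary words that join to form stem, or None."""
    if stem in words:
        return [stem]
    if max_parts > 1:
        for i in range(1, len(stem)):
            if stem[:i] in words:
                rest = split_words(stem[i:], words, max_parts - 1)
                if rest:
                    return [stem[:i]] + rest
    return None

def mangling_report(password, words=WORDLIST):
    """Return how password derives from dictionary words, or None if it does not."""
    m = SHAPE.match(password)
    if not m:
        return None
    stem, suffix = m.groups()
    parts = split_words(stem.lower(), words)
    if parts is None:
        return None
    return {
        "words": parts,
        # True when only the first letter is upper case, the habit described above.
        "capital_first": stem[0].isupper() and stem[1:] == stem[1:].lower(),
        "suffix": suffix,
    }

if __name__ == "__main__":
    # Constructed sample passwords, not taken from any breach or from the paper.
    for pw in ["Summer2024!", "Bluesky1@", "dragon", "xK9#vq2LpTz"]:
        report = mangling_report(pw)
        verdict = f"REJECT {report}" if report else "no dictionary pattern found"
        print(f"{pw!r}: {verdict}")
```

A `None` result only means the password does not match this one pattern; it is not a statement that the password is strong.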

So, some day, soon, we have to realise that passwords are just a legacy from a time of mainframe computers and that we need to find better ways to authenticate ourselves. Now a new paper reveals just how we use our passwords on public and private wifi [here]:

The research has analysed around one million passwords taken from public wifi hotspots, and compared them to the passwords used in the China Software Developer Network (CSDN) [here], LinkedIn and Yahoo! Voices data breaches:


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.