Slog
News & ArtsThursday, July 12, 2012
Tech Yahoo Confirms Leak of 400,000 Passwords
Posted by Anthony Hecht on Thu, Jul 12, 2012 at 2:16 PM
Shocking mostly because people apparently still use Yahoo, but awesome because now we can parse these awesome statistics on how terrible people's passwords are.
The top 10 passwords in this collection?
123456 = 1666 (0.38%)
password = 780 (0.18%)
welcome = 436 (0.1%)
ninja = 333 (0.08%)
abc123 = 250 (0.06%)
123456789 = 222 (0.05%)
12345678 = 208 (0.05%)
sunshine = 205 (0.05%)
princess = 202 (0.05%)
qwerty = 172 (0.04%)
Change your password.
2
I have a yahoo account solely because it is required to have one in order to have a Flickr account, which nonetheless is a different account and password -- but you have to go through the Yahoo login first. Since I have to do this about once every two years, I forget my Yahoo password every single time. Yahoo sucks donkey balls.
3
@2, Flickr user here too. I also don't remember my yahoo password and I didn't write it down which I normally do.
4
Long have I waited for an opportunity to announce I have a robot assign big long passwords for all these different sites now. It remembers them all for me - if I forget the master password for my robot I am hosed.
7
The thing is, nobody's password ever gets cracked by repeated guessing. Sites just shut you down after enough guesses to get anywhere close. Passwords get taken in one of three ways - they either trick you into telling them your password by phishing, they install a key-logger on your computer, or they hack the site that has your password like somebody did to Yahoo. Having a complicated-to-guess password like had8458?!?usdig won't do anything at all to protect you.
8
Also still have Yahoo for Flickr, with the same password (until about 5 minutes from now) that I used to create one in like... 1998. Yep, changing.
10
It warms my heart to see ninja so high up on the list.
OOPS.
My password is NOT ninja! Nope. Definitely not that.
Glad we got that cleared up (phew...close one.)
OOPS.
My password is NOT ninja! Nope. Definitely not that.
Glad we got that cleared up (phew...close one.)
11
I have email accounts with all the major, generic services (hotmail, yahoo, gmail, etc.).
None are better or worse than others. They all get some spam, none more or less than others. They all function almost identically to each other.
People who say "You still use yahoo/hotmail/whatever?! Dude that's so old! Don't you know all the cool kids use gmail now?!" are only fooling themselves.
None are better or worse than others. They all get some spam, none more or less than others. They all function almost identically to each other.
People who say "You still use yahoo/hotmail/whatever?! Dude that's so old! Don't you know all the cool kids use gmail now?!" are only fooling themselves.
14
actually, it's 450,000 accounts, but a lot were obvious dupes used by the same person.
D3474 continues to be a secure password ...
D3474 continues to be a secure password ...
16
The real question is what percentage of the accounts with a password like 123456 were used once and thrown away.
17
When gmail stops sucking so bad, and allows me to multi-task more then I'll switch. So, I'll probably have a yahoo account until google absorbs it.
18
@7 - You're making a big assumption that sites are implementing something that would shut down repeated guesses. That's not true. Most sites will happily let you guess until the cows come home, but more importantly, will let a robot guess until the robot cows come home.
It's absolutely more secure to have a hard to guess password. But it's more secure to use different passwords on different sites (that don't follow a guessable pattern). Your password is only as secure as the crappiest site you've used it on.
And for everyone else: YAHOO?!?!? HAH HA HAH AHAHA/
It's absolutely more secure to have a hard to guess password. But it's more secure to use different passwords on different sites (that don't follow a guessable pattern). Your password is only as secure as the crappiest site you've used it on.
And for everyone else: YAHOO?!?!? HAH HA HAH AHAHA/
19
I'm pretty sure most of the people with the terrible passwords are people who don't care if someone guesses their password.
I'd be interested to hear the names on the attached email addresses. How many "Homer Simpson"s are there?
I'd be interested to hear the names on the attached email addresses. How many "Homer Simpson"s are there?
20
19, I thought that too. I have two e-mail accounts. One is for personal/legitimate stuff, the other is for all the forums, websites, and all of that other junk I have to register for (including this one).
Advertisement
Most Commented on Slog
-
It's Spring! Who's Ready for Street Harassment? by Cienna Madrid
-
New Gun Enthusiast... by Dan Savage
-
SL Letter of the Day: Gonna Boil My Laptop After Answering This One by Dan Savage
-
America Doesn't Care About Black People by Charles Mudede
-
Bigot Florist Files Countersuit by Dominic Holden
-
US Military Grants Itself the Power to Police American Streets and "Quell" "Civil Disturbances" by Brendan Kiley
-
SL Letter of the Day: Living Discomfortably by Dan Savage
-
Slog Super Poll: Who Should Be Mayor? by Dominic Holden
-
Black Market Elimination Fail: Draft Pot Rules Call for Ban on Hash and Hash Oil by Ben Livingston
-
Tim Burgess Quits the Mayor's Race by Dominic Holden
Stranger Personals
The Stranger
RSSSeattle Art & Performance Quarterly
A complete guide to Seattle's current art, film, dance, and theater season.
Facebook
Twitter
Comments (20) RSS