MySpace users have stronger passwords than corporate users
Bruce Schneier analyzes the data from a successful phishing attack on MySpace and compares the captured user-passwords to an earlier data-set from a corporation and concludes that MySpace users are better at coming up with good passwords than corporate drones. The article is a great state-of-the-password address, with lots of fun nuggets like "We used to quip that 'password' is the most common password. Now it's 'password1.' Who said users haven't learned anything about security?"LinkWhile 65 percent of passwords contain eight characters or less, 17 percent are made up of six characters or less. The average password is eight characters long.
Specifically, the length distribution looks like this.
Yes, there's a 32-character password: "1ancheste 23nite41ancheste 23nite4." Other long passwords are "fool2think fool2thinkol 2think" and "dokitty17darling7g7darling7."
Share this post
Cory Doctorow
Upcoming appearances
* Feb 9, 2012, DeKalb, IL: Day of Doctorow, NIU
* Feb 10-12, 2012, Chicago, IL: Capricon 32
* Feb 13, 2012, Arlington, TX: UT Arlington College of Engineering Distinguished Speaker Series
* Feb 16, 2012, Victoria, BC: 13th Annual Privacy and Security Conference
Recent books:
* Context (essays)
* With a Little Help (short stories)
* For the Win (YA novel)
* Makers (adult novel)
Where not otherwise specified, this work is licensed under a Creative Commons License permitting non-commercial sharing with attribution. Boing Boing is a trademark of Happy Mutants LLC in the United States and other countries.