Comments on: Brits Give Up Passwords For a £5 Gift Voucher http://www.darknet.org.uk/2008/09/brits-give-up-passwords-for-a-5-gift-voucher/ Ethical Hacking, Penetration Testing & Computer Security Tue, 14 Feb 2012 00:17:07 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: collector http://www.darknet.org.uk/2008/09/brits-give-up-passwords-for-a-5-gift-voucher/#comment-124884 collector Thu, 02 Oct 2008 07:15:19 +0000 http://www.darknet.org.uk/?p=1085#comment-124884 Go to any public user database and execute this: SELECT password, count(*) FROM users GROUP BY password ORDER BY count(*) DESC; you'll find that 1% of all hashed passwords are the same. Try to de-hash it width http://gdataonline.com/seekhash.php, or if you are using something other than standard md5, try hashing the 123456 and see if it's match ;) Go to any public user database and execute this:

SELECT password, count(*) FROM users
GROUP BY password
ORDER BY count(*) DESC;

you’ll find that 1% of all hashed passwords are the same. Try to de-hash it width http://gdataonline.com/seekhash.php, or if you are using something other than standard md5, try hashing the 123456 and see if it’s match ;)

]]> By: SpikyHead http://www.darknet.org.uk/2008/09/brits-give-up-passwords-for-a-5-gift-voucher/#comment-124870 SpikyHead Wed, 01 Oct 2008 00:40:28 +0000 http://www.darknet.org.uk/?p=1085#comment-124870 Well thats why they say... Common Sense is Not So Common... When will these people learn Well thats why they say… Common Sense is Not So Common…

When will these people learn

]]> By: Yami King http://www.darknet.org.uk/2008/09/brits-give-up-passwords-for-a-5-gift-voucher/#comment-124867 Yami King Tue, 30 Sep 2008 18:36:57 +0000 http://www.darknet.org.uk/?p=1085#comment-124867 @ Darknet You are correct about this, well... not entirely, as razta mentioned, you do really need evidence supporting that the information the user gives is actually correct. -- But yes, people tend to give information away quite easily, but wasn't it already known to researchers, people like using information like dates of birth, their pet's name, etc... as their passwords? What actually is quite funny too, is when company policies require users to change their password every month, but do not require any secure passwords, people tend to use the names of the current month as their password. @ Darknet
You are correct about this, well… not entirely, as razta mentioned, you do really need evidence supporting that the information the user gives is actually correct.

But yes, people tend to give information away quite easily, but wasn’t it already known to researchers, people like using information like dates of birth, their pet’s name, etc… as their passwords?
What actually is quite funny too, is when company policies require users to change their password every month, but do not require any secure passwords, people tend to use the names of the current month as their password.

]]> By: Darknet http://www.darknet.org.uk/2008/09/brits-give-up-passwords-for-a-5-gift-voucher/#comment-124859 Darknet Mon, 29 Sep 2008 07:30:06 +0000 http://www.darknet.org.uk/?p=1085#comment-124859 They aren't giving actual passwords, but the survey mines enough data to ascertain the passwords within a few guesses and know WHICH sites they use them on. To most people they wouldn't even realise what they'd given away. They aren’t giving actual passwords, but the survey mines enough data to ascertain the passwords within a few guesses and know WHICH sites they use them on. To most people they wouldn’t even realise what they’d given away.

]]> By: razta http://www.darknet.org.uk/2008/09/brits-give-up-passwords-for-a-5-gift-voucher/#comment-124858 razta Mon, 29 Sep 2008 07:02:19 +0000 http://www.darknet.org.uk/?p=1085#comment-124858 I agree. I dont think many people would have given their real passwords, when they could just make it up and get the I agree. I dont think many people would have given their real passwords, when they could just make it up and get the

]]> By: Goodpeople http://www.darknet.org.uk/2008/09/brits-give-up-passwords-for-a-5-gift-voucher/#comment-124857 Goodpeople Sun, 28 Sep 2008 05:54:28 +0000 http://www.darknet.org.uk/?p=1085#comment-124857 This is one of those moments where I wonder if people are really worh protecting.. Of course I would also have told the researcher that my passwords are very simple.. just to get the check. This is one of those moments where I wonder if people are really worh protecting..

Of course I would also have told the researcher that my passwords are very simple.. just to get the check.

]]> By: Bogwitch http://www.darknet.org.uk/2008/09/brits-give-up-passwords-for-a-5-gift-voucher/#comment-124855 Bogwitch Sat, 27 Sep 2008 17:02:15 +0000 http://www.darknet.org.uk/?p=1085#comment-124855 {sigh} It's been said before, I'd quite happily make up a password for a researcher. I'd also tell them it was something simple, Wife's maiden name, pets name, registration number. Why? I have a vested interest in generatin IT Sec work and fearmongering like that it just the ticket. 5 quid gift voucher would be a bonus for me. {sigh}
It’s been said before, I’d quite happily make up a password for a researcher. I’d also tell them it was something simple, Wife’s maiden name, pets name, registration number.
Why? I have a vested interest in generatin IT Sec work and fearmongering like that it just the ticket.
5 quid gift voucher would be a bonus for me.

]]>