[Oblisk]

Passwords that show no imagination or distinctiveness are easy prey for information pirates, a new US study says.

A statistical analysis of 28,000 passwords recently stolen from a popular US website and posted on the Internet reveals that people often do the easy thing.

It found that 16 percent took a first name as a password, often their own or one of their children, according to the study published by Information Week.

Another 14 percent relied on the easiest keyboard combinations to remember such as "1234" or "12345678." For those using English keyboards, "QWERTY", was popular. Likewise, "AZERTY" scored with people with European keyboards.

Five percent of the stolen passwords were names of television shows or stars popular with young people like "hannah," inspired by singer Hannah Montana. "Pokemon," "Matrix," and "Ironman" were others.

The word "password," or easy to guess variations like "password1," accounted for four percent.

Three percent of the passwords expressed attitudes like "I don't care," "Whatever," "Yes" or "No."

There were sentimental choices -- "Iloveyou" -- and their opposite -- "Ihateyou."

Robert Graham, of the company Errata Security, which did the analysis and published the conclusions, advises that to better protect against cyber intrusions: "choose a password that is longer than eight characters with one capital letter and one symbol."

http://www.physorg.com/news153650514.html

[Dr House]

That's because people usually can't/won't remember anything more complex than that, and some password-pretected information doesn't require so much security anyway. I personally use three layers of password security, because some of my password-protected stuff, like my Pofo account, is really not that important to keep secure.

[Potemkin]

http://www.youtube.com/watch?v=dOD7IDPpjuA

[Thunderhawk]

I should install an add one that makes it easy to use accented letters.

[Dr House]

If you're in an English-language keyboard (you're Canadian, you should be):

Alt + 160 = á
Alt + 130 = é
Alt + 161 = í
Alt + 162 = ó
Alt + 163 = ú
Alt + 164 = ñ

Glad I could help.

[Thunderhawk]

punching in ascii codes is not convenient.
Typing in alt 130 for the é in Montréal kills the flow of writing.


Id perfer the ability to hold down CTRL/ALT key and then press a letter key which would result in the accented version being displayed.
For letters with more then one type of accent, treat left and right alts as seperate.
I know its done in a couple European countries.

[Dr House]

Id perfer the ability to hold down CTRL/ALT key and then press a letter key which would result in the accented version being displayed.

Some people in PR have their keyboards set up to do that. I have no idea how it's done.

Spanish-language keyboards are set up that way too, but I prefer English keyboards.

[Cartertonian]

One can argue the pros and cons of IT security to infinity without resolution.

All I know is, it's a thorough pain in the arse to have to have different alphanumeric passwords for all of the different systems I have to operate at work - and then for it to be against the rules for me to write the damn things down or make any other sort of record of them

And why do they have to change the bloody things so often? Our systems all seem to demand a new password every 3 months...

...so it takes you two and a half months to finally triumph and learn your bloody password off by heart...

...just in time for the "your password will expire in 14 days - would you like to change it now?" dialogue box

Aaaaarrrggghhhhhh!!

[HutSutRaw]

This article reminds me of Spaceballs!

Anyway, I'm the same when it comes to passwords. With certain sites, I use RoboForum.

[Ter]

I had to reconfigure the email system of my domain for my company and all employees had to give me their passwords in order to do that.

one was "whatever"
another was the name of the town we are in
the rest were their names, some with "01" behind it.

I used a long word in a non-English language till now but switched to a long combination of letters and numbers with a formula that I can remember easily.

Ter

[Zagadka]

A smart password check would prevent the use of non-standard characters like "é"

[Thunderhawk]

A smart password check would prevent the use of non-standard characters like "é"

huh?

[Zagadka]

huh?

Depending on the database and host OS, it could create an error or different char value.

[foilist13]

It generally helps to find a short, random sequence that you can remember, and repeat it once or twice in your password i.e. A3gfA3gfA.
Thats a perfectly decent password, that very few people would guess.