Analysis of Passwords Renier van Heerden and Johannes Vorster CSIR, DPSS Research funded by DST, CSIR DPSS.


1 Analysis of Passwords Renier van Heerden and Johannes Vorster CSIR, DPSS Research funded by DST, CSIR DPSS

2 Passwords are part of everyday life (© CSIR 2007, www.csir.co.za)
- From previous studies:
  - Average length 7 – 8 characters
  - Password advice is ignored when not enforced
  - Permutations of dictionary words and numbers are popular
  - Special character use was very limited
  - “Memory” is the most important factor

3 Collecting passwords: Internet
- Internet search “password list”:
  - Google (55 900 000)
  - Yahoo (1 380 000 000)
  - MSN (437 000 000)
- Adding specifications:
  - Single phrase
  - English language
  - Text files
  - 988 results
- Password lists found:
  - Default password lists
  - SANS (SysAdmin, Audit, Network, Security) Institute password list
  - Albums password list

4 Collecting passwords: Peer to Peer (P2P)
- A P2P network consists of:
  - Multiple hosts
  - Interconnected
  - Sharing
  - Hosting
  - Bandwidth
- Used for:
  - Distributing illegal content
  - High-bandwidth applications

5 Collecting passwords: Peer to Peer Results
- eMule results:
  - Unix passwords
  - 45000 MySpace accounts
  - Default password list
  - FTP password list
  - Rapidshare Premium Accounts
  - Wireless Access Points Passwords

6 Previous studies: Unix Passwords
- The most popular password length is 6 characters, with 34.7% use
- Common names are used in 4% of the passwords
- Username and password are the same in 2.7% of passwords
- Cartoons, movies, fiction and place names are used in 1.4% of passwords

7 Previous studies: Top 10s
- PC Magazine: password, 123456, qwerty, abc123, letmein, monkey, myspace1, password1, bink182, (username)
- UK Web passwords: 123, password, liverpool, letmein (“let me in”), 123456, qwerty, charlie, monkey, arsenal, thomas

8 Previous studies: Online Students
- List of passwords from online students:
  - 123456, 123, 123123, 01234, 2468, 987654, etc.
  - 123abc, abc123, 246abc
  - First name
  - Favourite band
  - Favourite song
  - First letter of given name, then surname
  - qwerty, asdf, and other keyboard rolls
  - Favourite cartoon or movie character
  - Favourite sport, or sports star
  - Country of origin
  - City of origin
  - All numbers
  - Some word in the dictionary
  - Combining 2 dictionary words
  - Any of the above spelled backwards
  - aaa, eee, llll, 999999, and other repeat combinations
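The pattern categories on the "Unix Passwords" and "Online Students" slides can be turned into a screening and audit check. The following is an added example, not code from the presentation: the function names, the labels, the tiny `WORDS` set and the `SAMPLE` accounts are all constructed for illustration, and a real audit would load a full dictionary and name list.

```python
import re
from collections import Counter

KEY_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890")  # for keyboard rolls
WORDS = {"monkey", "charlie", "liverpool", "arsenal", "thomas", "password"}  # constructed

def classify(password, username="", words=WORDS):
    """Return the set of weak-pattern labels (from the slides) that the password matches."""
    p, labels = password.lower(), set()
    if p.isdigit():
        labels.add("all_numbers")
    if re.fullmatch(r"(.+?)\1+", p):  # aaa, 999999, 123123
        labels.add("repeat")
    if len(p) >= 4 and any(p in r or p in r[::-1] for r in KEY_ROWS):
        labels.add("keyboard_roll")  # qwerty, asdf, 987654
    if username and p == username.lower():
        labels.add("same_as_username")
    stem = p.rstrip("0123456789")  # dictionary word followed by digits
    if p in words:
        labels.add("dictionary_word")
    elif p[::-1] in words:
        labels.add("word_backwards")
    elif stem in words:
        labels.add("word_plus_digits")
    elif any(p[:i] in words and p[i:] in words for i in range(1, len(p))):
        labels.add("two_words")
    return labels

def summarise(accounts, words=WORDS):
    """accounts: iterable of (username, password). Returns length and pattern statistics."""
    accounts = list(accounts)
    if not accounts:
        return {"total": 0}
    lengths = Counter(len(pw) for _, pw in accounts)
    patterns = Counter(l for u, pw in accounts for l in classify(pw, u, words))
    length, count = lengths.most_common(1)[0]
    total = len(accounts)
    return {
        "total": total,
        "most_popular_length": length,
        "most_popular_length_pct": round(100 * count / total, 1),
        "pattern_pct": {k: round(100 * v / total, 1) for k, v in patterns.items()},
        "no_pattern": sum(1 for u, pw in accounts if not classify(pw, u, words)),
    }

# Constructed sample accounts, not taken from any list in the presentation.
SAMPLE = [("alice", "123456"), ("bob", "bob"), ("carol", "qwerty"), ("dave", "monkey1"),
          ("erin", "yeknom"), ("frank", "aaa"), ("grace", "monkeycharlie"),
          ("heidi", "T7#vq!Lw2x"), ("ivan", "123123"), ("judy", "arsenal")]
```

Calling `summarise(SAMPLE)` gives the same kind of figures the slides report (most popular length and its share, percentage per pattern), and `classify()` can be used on its own to reject a new password that matches any label.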

9 Default Passwords
- Default password lists:
  - Computer hardware (vendors)
  - BIOS backdoors
- Many sites, e.g. http://defaultpassword.com/

10 Password Analysis, Data
- Password lists used (# passwords):
  - Commercial Company (28 570)
  - Music Password list (1776)
  - Unix Password (3106)
  - Myspace Accounts (45 000)
  - FTP Sites (332)
  - Rapidshare passwords (32 028)
  - WiFi Passwords (925)
  - Default Passwords (251) (www.governmentsecurity.org)
  - Default2 Passwords (945) (http://defaultpassword.com/)

11 Password Analysis, Most Popular

12 Password Analysis, Most Popular 2

13 Password Analysis, Most Popular 3

14 Character use

15 Character sequence

16 Conclusions
- Password lists are available on the Internet
- The term “password” is commonly used on the Internet
- eMule is more successful than search engines
- Default passwords are easily obtainable
- Common passwords are:
  - password
  - 123…
  - qwerty
  - Username
  - abc123

