近日有黑客就公開了一份統計,指出是由Yahoo Voice網站內得到的一份數據資料,內有多達45萬個用戶密碼。黑客並將部分密碼公開,讓大家知道,一般用家所使用的密碼是怎樣的。
黑客指出,Yahoo密碼利用MySQL資料庫去建立並儲存密碼,並公開給大家知道該資料庫使用了多達2,700個Table及Column名稱,還有298個Variables,但只利用純文字檔儲存,即非加密密碼。黑客表示Yahoo並沒有做足安全設定,令他們輕易透過安全漏洞及簡單的指令便取得該份非加密密碼檔案。Yahoo亦於早前承認密碼資料外漏,不過表示該資料庫只是舊檔案,只有約5%密碼仍在使用,現正在修復伺服器的安全問題。
究竟一般用家的密碼排列是如何?黑客就從這份45萬個用戶資料列出了一堆統計數字,有部分資料是十分有趣的,想不到有人會用30位數字的密碼,而123456這密碼果然是最多人使用。大家又看看是否你平時使用密碼方式的習慣?
Top 10 passwords
123456 = 1666 (0.38%)
password = 780 (0.18%)
welcome = 436 (0.1%)
ninja = 333 (0.08%)
abc123 = 250 (0.06%)
123456789 = 222 (0.05%)
12345678 = 208 (0.05%)
sunshine = 205 (0.05%)
princess = 202 (0.05%)
qwerty = 172 (0.04%)
Password length (count ordered)
8 = 119125 (26.9%)
6 = 79610 (17.98%)
9 = 65955 (14.9%)
7 = 65598 (14.82%)
10 = 54756 (12.37%)
12 = 21728 (4.91%)
11 = 21219 (4.79%)
5 = 5323 (1.2%)
4 = 2748 (0.62%)
13 = 2657 (0.6%)
14 = 1493 (0.34%)
15 = 837 (0.19%)
16 = 570 (0.13%)
3 = 302 (0.07%)
17 = 263 (0.06%)
20 = 178 (0.04%)
18 = 126 (0.03%)
1 = 117 (0.03%)
19 = 89 (0.02%)
2 = 70 (0.02%)
21 = 11 (0.0%)
22 = 8 (0.0%)
28 = 5 (0.0%)
29 = 3 (0.0%)
24 = 3 (0.0%)
23 = 3 (0.0%)
27 = 2 (0.0%)
30 = 2 (0.0%)
Years (Top 10)
2008 = 1145 (0.26%)
2009 = 1052 (0.24%)
2007 = 765 (0.17%)
2000 = 617 (0.14%)
2006 = 572 (0.13%)
2005 = 496 (0.11%)
2004 = 424 (0.1%)
1987 = 413 (0.09%)
2001 = 404 (0.09%)
2002 = 404 (0.09%)
Single digit on the end = 47383 (10.7%)
Two digits on the end = 73635 (16.63%)
Three digits on the end = 31089 (7.02%)
由於統計太多,想知更多的不同組合大家可以到黑客所公開的網站上看看<這裡>
來源:pastebin / arstechnica