Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Wednesday March 06 2019, @02:02AM   Printer-friendly
from the deep-seated-insecurities-and-paranoia dept.

Why 'ji32k7au4a83' Is a Remarkably Common Password

For too many people, moving the digits around in some variation of Patriots69Lover is their idea of a strong password. So you might expect something complicated like” “ji32k7au4a83” would be a great password. But according to the data breach repository Have I Been Pwned (HIBP), it shows up more often than one might expect.

This interesting bit of trivia comes from self-described hardware/software engineer Robert Ou, who recently asked his Twitter followers if they could explain why this seemingly random string of numbers has been seen by HIBP over a hundred times.

Have I Been Pwned is an aggregator that was started by security expert Troy Hunt to help people find out if their email or personal data has shown up in any prominent data breaches. One service it offers is a password search that allows you to check if your password has shown up in any data breaches that are on the radar of the security community. In this case, “ji32k7au4a83" has been seen by HIBP in 141 breaches.

Several of Ou’s followers quickly figured out the solution to his riddle. The password is coming from the Zhuyin Fuhao system for transliterating Mandarin. The reason it’s showing up fairly often in a data breach repository is because “ji32k7au4a83" translates to English as “my password.”

Related: The password “ji32k7au4a83” has been seen over a hundred times, and the password "ji32k7au4a83" looks like it'd be decently secure, right?

Now if only there were one super secure password everyone could use so we would all be safe.

[There is! But it would require over 55 hours (at 5 characters per second) to type it in. --Ed.]


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Informative) by Anonymous Coward on Wednesday March 06 2019, @06:00AM (5 children)

    by Anonymous Coward on Wednesday March 06 2019, @06:00AM (#810592)

    The past few months I've gotten many emails from supposed hackers. It states they've owned my machine, they tell me my password, and that they'll release to the public all the videos from my webcam that they've recorded of me watching weird porn. They demand bitcoins be sent to them promptly.

    Of course I don't have a webcam, and the password is one I used at a site that got hacked years ago, and I've long since stopped using that password anywhere. (I use a password manager now, and everything has a different long random password.) I laugh and delete the emails, but I wonder how many people panic and send them bitcoins.

    Starting Score:    0  points
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  

    Total Score:   1  
  • (Score: 0) by Anonymous Coward on Wednesday March 06 2019, @10:54AM (3 children)

    by Anonymous Coward on Wednesday March 06 2019, @10:54AM (#810658)

    Of course, anyone with a minimum thinking ability will see that "webcam videos of you watching weird porn" make no sense at all, since even if you happen to watch weird porn, and they managed to hack your computer and silently activate your web cam while you did, the web cam will not be able to catch the fact that you do so, because the screen is out of view of the web cam.

    • (Score: 0) by Anonymous Coward on Wednesday March 06 2019, @11:54AM (2 children)

      by Anonymous Coward on Wednesday March 06 2019, @11:54AM (#810666)

      The emails actually covered this, by claiming to have recorded both the porn stream and the webcam of the viewer, and splicing/split screening them together. Forgive my less than clear explanation of what the fake emails actually stated; I summarized too much.

      • (Score: 2) by maxwell demon on Wednesday March 06 2019, @08:09PM (1 child)

        by maxwell demon (1608) on Wednesday March 06 2019, @08:09PM (#810846) Journal

        Of course you can splice arbitrary video material together, so even if they had such a splice, for all the viewer could tell, it could just as well be you watching Game of Thrones, with some unrelated porn spliced in.

        --
        The Tao of math: The numbers you can count are not the real numbers.
        • (Score: 0) by Anonymous Coward on Thursday March 07 2019, @10:50AM

          by Anonymous Coward on Thursday March 07 2019, @10:50AM (#811099)

          They claim to have a webcam video of you whacking it to porn. Regardless of tying it to the other stream, most people wouldn't want a video of that sent to their contact list. If some idiot was in the habit of choking the chicken while watching porn on their laptop I can see where they might panic and send the money.

  • (Score: 2) by Muad'Dave on Wednesday March 06 2019, @12:16PM

    by Muad'Dave (1413) on Wednesday March 06 2019, @12:16PM (#810673)

    I've started getting 10's of those _a day_ recently. I wish that we could watch their bitcoin addresses and chop their nasty little fingers off when they touch it.