Stories
Slash Boxes
Comments

SoylentNews is people

Why 'ji32k7au4a83' is a Remarkably Common Password

posted by martyb on Wednesday March 06 2019, @02:02AM   Printer-friendly
from the deep-seated-insecurities-and-paranoia dept.

DannyB writes:

Why 'ji32k7au4a83' Is a Remarkably Common Password

For too many people, moving the digits around in some variation of Patriots69Lover is their idea of a strong password. So you might expect something complicated like” “ji32k7au4a83” would be a great password. But according to the data breach repository Have I Been Pwned (HIBP), it shows up more often than one might expect.

This interesting bit of trivia comes from self-described hardware/software engineer Robert Ou, who recently asked his Twitter followers if they could explain why this seemingly random string of numbers has been seen by HIBP over a hundred times.

Have I Been Pwned is an aggregator that was started by security expert Troy Hunt to help people find out if their email or personal data has shown up in any prominent data breaches. One service it offers is a password search that allows you to check if your password has shown up in any data breaches that are on the radar of the security community. In this case, “ji32k7au4a83" has been seen by HIBP in 141 breaches.

Several of Ou’s followers quickly figured out the solution to his riddle. The password is coming from the Zhuyin Fuhao system for transliterating Mandarin. The reason it’s showing up fairly often in a data breach repository is because “ji32k7au4a83" translates to English as “my password.”

Related: The password “ji32k7au4a83” has been seen over a hundred times, and the password "ji32k7au4a83" looks like it'd be decently secure, right?

Now if only there were one super secure password everyone could use so we would all be safe.

[There is! But it would require over 55 hours (at 5 characters per second) to type it in. --Ed.]

Original Submission

 
This discussion has been archived. No new comments can be posted.
Why 'ji32k7au4a83' is a Remarkably Common Password | Log In/Create an Account | Top | 32 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Insightful) by maxwell demon on Wednesday March 06 2019, @07:05AM (1 child)

    by maxwell demon (1608) on Wednesday March 06 2019, @07:05AM (#810611) Journal

    On the XKCD link: If there's anything about passwords, someone will post the link. It's just how the internet works.

    I didn't actually follow the link because I'm reasonably sure it's the "correct hose battery staple", again.

    --
    The Tao of math: The numbers you can count are not the real numbers.
    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 2) by FatPhil on Wednesday March 06 2019, @07:59AM

    by FatPhil (863) <reversethis-{if.fdsa} {ta} {tnelyos-cp}> on Wednesday March 06 2019, @07:59AM (#810626) Homepage
    Or was it "right ass terminal clip"? (and I've not even bothered to pemute the words for extra wrongness.
    That's one reason I hate that XKCD - it overlooks the very point it's trying to make. We think, and remember, conceptually, rather than verbatim. Rndom common words are just as liable for misremembering as random characters. Also, his scheme is utterly childsplay to crack with rainbow tables.

    y advice is to understand the strengths and weaknesses of the common schemes, and then create a blend that is memorable to you. There's entropy in the choice of scheme, and "4 common words" probably carries as little entropy as "common word leetified followed by number".
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves