Tuesday, July 5, 2022
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory
  • Login
  • Register
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
No Result
View All Result

Home > Cybersecurity > Most common Christmas-related passwords revealed

Most common Christmas-related passwords revealed

Although everyone knows their passwords should be strong and safe in order to protect their personal data, very often people choose to ignore this and opt for weaker passwords.

Julide Gamze Cecen by Julide Gamze Cecen
December 12, 2020
in Cybersecurity
4 min read
0 0
0
Most common Christmas-related passwords revealed
0
SHARES
164
VIEWS
Share on FacebookShare on TwitterShare on EmailFollow on Google News

As Christmas edges closer, decorations are out in full force and the holiday spirit is growing. But, how caught up do people really get? Specopssoft.com analyzed 800 million passwords from Specops Software’s Breached Password Protection database in order to reveal the most leaked Christmas-related passwords that are currently being unsafely used by millions of people.

Table of Contents

  • Most commonly leaked Christmas-related passwords
  • Specops Software’s top tips for creating a strong password
    • 1. #thinkrandom
    • 2. Easy to guess passwords
    • 3. Falls short to brute force
    • 4. Make three random words more secure
    • 5. Make your password long enough

Most commonly leaked Christmas-related passwords

After looking at millions of passwords that have been leaked, Specopssoft.com discovered that star is the least secure Christmas-related password. Although the number of times this password has been compromised cannot be released, star was found to be leaked 52 times more than jolly – the 15th most used Christmas-themed password.

The second most leaked Christmas-related password is angel, as lots of people use it to protect their accounts and data. Interestingly, angel was found to occur in 47 times more passwords than jolly. God is the third most used password, according to Specopssoft.com’s leaked password database. This word has been used 46 times more than the fifteenth-most used password, jolly.

In fourth, fifth, and sixth place are elf, Jesus and snow. Elf appears almost two times more than Jesus and Jesus is used seven times more than bell, which ranks in 12th. The word carol has been used very often by those looking to protect their data, placing it in seventh overall. In the leaked password database, Carol has been leaked eight times more than xmas – which places in 14th position.

  1. Star
  2. Angel
  3. God
  4. Elf
  5. Jesus
  6. Snow
  7. Carol
  8. Noel
  9. Santa
  10. Chocolate
  11. Gift
  12. Bells
  13. December
  14. Xmas
  15. Jolly

Darren James, Product Specialist with Specops Software, commented on the findings: “With the winter holidays right around the corner, we asked our research team to dig into which holidays are most popular, we analysed over 800 million breached passwords to find out.”

Specops Software’s top tips for creating a strong password

The compromised password problem can be an expensive one. IBM recently reported the global average cost of a data breach in 2020 to be $3.86 million.

1. #thinkrandom

Three random words, also known as #thinkrandom, is an initiative from the NCSC to educate the general public on how to choose secure passwords that are still easy to remember. The initiative was introduced to undo years of security advice that told people to combine different character types when creating passwords. Research has since found that character complexity requirements failed to achieve what it set out to do – make passwords harder to crack. Its failure can be blamed on people following the same character composition patterns (i.e. capital letter to start, number at the end, replacing the letter s with $, etc).

2. Easy to guess passwords

The three random words initiative is designed to address billions of weak passwords that are easy to guess. This means that even without sophisticated password cracking techniques, hackers can come up with likely passwords to try on different accounts, either in a credential stuffing attack or in a targeted attack against an individual. Easy-to-guess passwords with multiple character types include: Liverpool#1, Pa$$word7, Spring2020!. Examples of three random words passwords provided by the NCSC include: coffeetrainfish, walltinshirt.

3. Falls short to brute force

Critics of the #thinkrandom advice often bring up the time needed to break a password hash in a brute-force attack. When comparing two 14-character long passwords, one with three random words and one randomly generated using multiple character types, the multiple-character type password will take longer to crack in a brute force attack. This article explains the math to back up the criticism and recommends a Password Manager as a solution to needing to remember so many randomly-generated passwords.

Proponents of the advice believe in providing tips that the general public can follow, in order to improve the security of passwords. While critics of the advice can point out the most sophisticated randomly-generated passwords and show how these are more secure, both are right, but they represent extremes of the password security spectrum. Is there a middle ground that uses easy-to-follow advice and combines this with another layer of protection?

4. Make three random words more secure

One way to improve the security of the three random words advice is to combine it with a password deny list of known compromised passwords. A compromised password deny list is designed to prevent a password dictionary attack, where a hacker uses a password list from a previous data breach to gain access to an account. The breached password deny list improves the security of the three random words passwords by blocking passwords that have appeared on previous data breaches. This way people can choose passwords that they can remember, and are also not published online for hackers to use.

Will this make it harder for people to choose three random words passwords? No, if people follow the advice and choose words at random, it will not be difficult to find passwords that do not appear on the compromised passwords list.

5. Make your password long enough

When it comes to making strong passwords, the single most important factor is the length of the password. As long as a password isn’t easily guessable by other means (e.g. use of common words, username, repeating characters) length is your best friend for mitigating brute force attacks.

See more Cyber Security News


Tags: Specops Software
ShareTweetSendShare
Julide Gamze Cecen

Julide Gamze Cecen

Julide Gamze Cecen is the multimedia editor of the Cloud7 News. Julide is a solid Linux user, opensource and cybersecurity enthusiast and a front-end web application developer.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Next Post
NFINIT launched AO & Object LS storage solutions

NFINIT launched AO & Object LS storage solutions

Related News

HackerOne employee caught publishing stolen vulnerability reports anonymously

HackerOne employee caught publishing stolen vulnerability reports anonymously

July 4, 2022 9:55 pm
Google will merge Chrome and Android password managers

Google is merging Chrome and Android password managers

July 4, 2022 5:00 pm
8220 gang targeting Linux systems again, Microsoft says

8220 gang targeting Linux systems again, Microsoft says

July 1, 2022 2:52 pm
Kaspersky found a module backdoor in Microsoft Exchange

Kaspersky found a module backdoor in Microsoft Exchange

July 1, 2022 1:50 pm
Get free daily newsletters from Cloud7 News Get the Cloud7 Newsletter

Check your inbox or spam folder to confirm your subscription.

By subscribing, you agree to our
Copyright Policy and Privacy Policy

Editor's Choice

Interview with Igor Seletskiy on AlmaLinux

7 best hosting control panels

How to update Linux Kernel without rebooting?

7 best Linux mail servers for 2022

7 best cPanel alternatives for 2022

7 best Linux web browsers for 2022

7 best CentOS alternatives

7 best Linux server distros for 2022

How to scan your server for Log4j (Log4Shell) vulnerability

10 Best Web Hosting Services of 2022

AlmaLinux 8.6 Stable is ready to download

Ubuntu 22.04 LTS is available for download. What is new?

Kali Linux 2022.2 is ready for download

Advertisement

Recent News

  • HackerOne employee caught publishing stolen vulnerability reports anonymously
  • Systemd-oom won’t be included in Linux Mint 21
  • Google is merging Chrome and Android password managers
  • GNOME 43 will come with support for web apps in Software
  • Software Freedom Conservancy boycotts GitHub

Our Latest Interview

Interview: Erez Barak, Vice President Observability of Sumo Logic
Interview

Interview: Erez Barak, Vice President Observability of Sumo Logic

by Atalay Kelestemur
November 25, 2021 3:23 am


Cloud7 News is a news source that publishes the latest news, industry news and exclusive interviews on web hosting, cloud computing, data center, cybersecurity and Linux OS.

EXPLORE

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cybersecurity
  • Linux
  • Network/Internet
  • Software
  • Hardware
  • Blockchain
  • How-Tos
  • Troubleshooting

RESOURCES

  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2022, Cloud7 News. All rights reserved.

No Result
View All Result
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

© 2022, Cloud7 News. All rights reserved.

Welcome Back!

Sign In with Facebook
Sign In with Google
Sign In with Linked In
OR

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Sign Up with Facebook
Sign Up with Google
Sign Up with Linked In
OR

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.