An analysis of passwords found in the 2009 breach of Rockyou -- 32 million accounts -- finds a large number of Biblical references ("jesus"," "heaven", "faith", etc), including a number of Bible verse references ("john316").
These -- including variants that add numbers or substitute number for letters -- are very easy for password-guessing brute-force software to decrypt.
An article in Christianity Today advises against using your "life verse" as a password, but fails to warn that other ways of turning verses into passwords -- like using the first letter of each word in a verse -- are also fairly weak, in that it is easy for computers to compile a database of all easily memorable passwords that could be constructed in this way.
Another too-popular choice is “jesus,” or variants like “jesus777” and “jesus143.” Collectively, more than 21,000 people in the breach used the Son of God’s name as a password, making it the 30th most common password overall, a bit behind “tigger” (No. 22) and ahead of “football” (No. 45).
You want a password to be unguessable. If you use your life verse as your password—say, for your church’s financial software—you’re opening yourself and your church to potential hacking by choosing something easy to predict.
If you do use a Bible reference or something related to Christianity as a password, be sure to include hard-to-guess letters, numbers, or symbols as part of it. Also consider including unrelated words or phrases. The key is to be unpredictable.
Beware of Making Jesus Your Password
[Stephen Smith/Christianity Today]
(via Super Punch)
Earlier this month, UK Home Secretary Amber Rudd idiotically insisted that “real people” don’t need encrypted messaging apps; but as foolish a statement as that was, there was a kernel of truth to it.
A group of researchers from Oxford and TU Berlin will present their paper, White-Stingray: Evaluating IMSI Catchers Detection Applications at the Usenix Workshop on Offensive Technologies, demonstrating countermeasures that Stingray vendors could use to beat Stingrays and other “cell-site simulators” (AKA IMSI catchers).
The $469 LockState RemoteLock 6i is a “smart lock” that is sold to Airbnb operators through a partnership with the company, allowing Airbnb hosts to generate and expire unique, per-tenant unlock codes.
The Pry.Me Bottle Opener holds tens of thousands of times its own weight, and you can pick one up now from the Boing Boing Store.This remarkable keychain is considerably smaller than any of your keys, but don’t let that fool you: it can easily open any bottle, and could even tow a trailer full of […]
Guaranteeing your privacy online goes way beyond checking the “Do Not Track” option in your browser’s settings. To ensure that your internet activity is totally hidden from Internet Service Providers, advertisers, and other prying eyes, take a look at Windscribe’s VPN protection. It usually costs $7.50 per month, but you can get a 3-year subscription […]
This project management bundle will help you get organized and learn how to lead a team to success. You can pay what you want for these five courses when you pick them up from the Boing Boing Store.To help you become an invaluable asset for your company, this bundle includes a curated collection of professional […]