An analysis of passwords found in the 2009 breach of Rockyou -- 32 million accounts -- finds a large number of Biblical references ("jesus"," "heaven", "faith", etc), including a number of Bible verse references ("john316").
These -- including variants that add numbers or substitute number for letters -- are very easy for password-guessing brute-force software to decrypt.
An article in Christianity Today advises against using your "life verse" as a password, but fails to warn that other ways of turning verses into passwords -- like using the first letter of each word in a verse -- are also fairly weak, in that it is easy for computers to compile a database of all easily memorable passwords that could be constructed in this way.
Another too-popular choice is “jesus,” or variants like “jesus777” and “jesus143.” Collectively, more than 21,000 people in the breach used the Son of God’s name as a password, making it the 30th most common password overall, a bit behind “tigger” (No. 22) and ahead of “football” (No. 45).
You want a password to be unguessable. If you use your life verse as your password—say, for your church’s financial software—you’re opening yourself and your church to potential hacking by choosing something easy to predict.
If you do use a Bible reference or something related to Christianity as a password, be sure to include hard-to-guess letters, numbers, or symbols as part of it. Also consider including unrelated words or phrases. The key is to be unpredictable.
Beware of Making Jesus Your Password
[Stephen Smith/Christianity Today]
(via Super Punch)
Wired security reporter Andy Greenberg's latest book is Sandworm (previously), a true-life technothriller that tells the stories of the cybersecurity experts who analyzed and attributed as series of ghastly cyberwar attacks that brought down parts of the Ukrainian power grid, and then escaped the attackers' control and spread all over the world.
Daniel Moghimi, Berk Sunar, Thomas Eisenbarth and Nadia Heninger have published TPM-FAIL: TPM meets Timing and Lattice Attacks, their Usenix security paper, which reveals a pair of timing attacks against trusted computing chips ("Trusted Computing Modules" or TPMs), the widely deployed cryptographic co-processors used for a variety of mission-critical secure computing tasks, from verifying software […]
The privacy-focused web browser Brave has finally launched a 1.0 version, bringing it officially out of beta.
Seems like no matter what kind of wireless earbud you buy, you’re sacrificing something: Sound for longevity, battery life for durability, the list goes on. Finally, it seems like the tech is starting to come together for the full package in a few newer models. Case in point: These PaMu Slide Bluetooth 5 In-Ear Headphones. […]
If you’re doing any kind of data work, chances are you’re working in Excel. This venerable platform has evolved beyond its roots as a workhorse spreadsheet creator into an essential tool for data analysts and other high-level number crunchers. Want to brush up on this year’s version of the software? There’s no quicker way than […]
Does your computer gear need an upgrade? Don’t cross your fingers and wait for Christmas. You can get 15% off the final sale price of all these essential accessories now by using the online code BFSAVE15, including gaming mice and computer desks. Wireless Charging Mouse Pad Talk about a space saver. This high-quality mouse pad […]