Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
User Journal

Journal weierstrass's Journal: people are stupid 3

Journal by weierstrass

freenode, an irc channel i use a lot, was taken over today. every user who logged on during the time it was compromised may assume that their password is known to the attackers (passwds are used to identify to services in order that others can't steal your nick). obviously it is also reasonable to assume that anyone on irc is or could be impersonated.

my password is the one i use at lots of low security web places, and no, that doesn't include /.

i stole my first password aged 14. the password on the library computer at school was the name of the librarians little son. i knew the son, and the story of War Games but nonetheless i was surprised when it worked. if you really want to access people's accounts, apart from 'love, sex and secret' just remember that everyone uses their kids names. its the one constant of password choosing. last job i had i watched someone type their username firstname.lastname, followed by a passwd '?????lastname'. it's just an exercise to find out their son, daughter and husbands first name.

when i was looking away from the keyboard as my girlfriend typed her hotmail password, i heard the number of letters it had, and knew straightaway what it was. i only tried it once to check i was right, and didn't read anything - until we broke up. when she started going out with someone else i read her email regularly for a while. when decided not to do it anymore, i told her that i knew the password, but not that i'd used it, and got her to change it.

i worked in a hospital once and most of the access pin numbers were set to things like 1066. the photocopier pin i just read off of the worn down keys. at college i've only found out the entry pin by being told it - but then both times i've seen afterwards where it came from / what the mnemonic is.

i was just thinking about someone i know online, and how i would social engineer theire password, and realised immediately what i knew they would use as a passwd - their real life first name, which people online wouldn't know.

This discussion has been archived. No new comments can be posted.

people are stupid More

people are stupid

Comments Filter:
  • The names of pets.
  • Back in school, we had accounts like:
    cs1551aa
    computer science class 155, section 1, aa (where aa started at aa and went on down through the letters, i.e. ab, ac, for as many as was needed). The nosy little git that I was, I took a look at the password file containing all the encrypted passwords on the unix machines (back when it used to be readable before shadow password files) and noticed that all the "aa" accounts across all the computer classes/sections had the same password. Sweet! Once I got my compute
    • in high school each subject department had a logon to the main network that by default was set to
      username: maths (say)
      password: dept (same for every department)

      of course, lots of departments changed their default password, but of course, lots didn't.

Slashdot Top Deals

The nation that controls magnetism controls the universe. -- Chester Gould/Dick Tracy

Close