I recently came across a list of tuscl passwords on ihtb.org (no user names) that had been leaked / hacked. It's apparently pretty old as my password isn't on there, and I haven't changed it since I joined five years ago. Or maybe these were cracked from hashes, and my password is too strong. Or maybe the list is fake. Anyway here is the list of most popular passwords:
I don't know what's up with jmh1978, but it must mean something. If you google it you get lots of user accounts (different people) in weird places like Christian dating web sites.
The list is not unusual. I used to be in the computer forensics business and I'd say "password", "123456", and "qwerty" are always in the top ten. At universities "beer" and "jesus" are always popular, but missing from this list. Don't often see "stripper", "pussy", and "lapdance".
I once used the hacked password list to remember an old username that I forgot the password to. Thousands of user names and I doubt they are all active. I was wondering if anyone had a recent hacked list.
Shark: I searched all the usual places and couldn't find anything more recent. Also fed my one-off tuscl email address to haveibeenpwned.com, which found nothing. So I think we're safe for now.
Easy isn't that bad. My password has changed through the years. Don't use the same one for all your accounts on the Internet, and one should be reasonably safe. I've had a few ones hacked, it's always a bit of a shock.
It's on GitHub somewhere too. It was used to demonstrate the validity of some graduate student's thesis or research paper, which was that passwords for topical websites often use words related to the topic. He also had a password list from a football site, and the most common words were related to football and that particular team.
If I recall, the full experiment had a scraper to rank the most common words on a site to build a dictionary for the attack.
Still, it was disconcerting to see my own password on the full list of cracked passwords.
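A defensive counterpart to the finding described above, as an added example that is not part of the original thread: a signup-time check that refuses passwords built on a site's own topic words. The word lists, the 12-character minimum and the half-length rule are assumptions for illustration, with constructed sample data for an imaginary football site.

```python
import re

# Constructed sample data: a few passwords that top most leaked lists, and
# hypothetical topic words for an imaginary football fan site.
COMMON = {"password", "123456", "qwerty", "letmein"}
TOPIC_WORDS = {"football", "touchdown", "quarterback", "rovers"}

# Undo the usual character swaps so "f00tb@ll" is compared as "football".
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def normalize(password):
    """Lowercase, reverse leetspeak, and keep letters only."""
    return re.sub(r"[^a-z]", "", password.lower().translate(LEET))


def reject_reason(password, topic_words=TOPIC_WORDS, min_length=12):
    """Return why a signup password is refused, or None if it is accepted."""
    if password.lower() in COMMON:
        return "common password"
    if len(password) < min_length:
        return "too short"
    core = normalize(password)
    for word in sorted(topic_words):
        # A topic word is a problem when it makes up at least half of the
        # password (a word plus a year); inside a long passphrase it is not.
        if word in core and 2 * len(word) >= len(password):
            return "built on site topic word: " + word
    return None


if __name__ == "__main__":
    for candidate in ["qwerty", "Football2019!!", "f00tb@ll-2019!",
                      "Cakes dance blue rovers"]:
        print(repr(candidate), "->", reject_reason(candidate) or "accepted")
```
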
The latest research shows that even the most random alphanumeric sequence can be hacked. I think it involves using powerful computers to run each possible combination against the server in nanoseconds until one is accepted. Security pros now say we should use random sentences, such as "Cakes dance blue rovers". Unfortunately, most websites do not allow passwords that long.
I have a piss poor memory when it comes to dates but I do remember about 10 years ago TUSCL getting hacked. I think they got everybody's password. I was one of the first to notice it. A post was made by me that I knew wasn't me.
The hacker taunted Founder on trying to locate him. I think it was a European IP address. All of the passwords wound up being posted on the internet. I think most of us just changed our passwords. Not a big deal like your bank accounts.
The hack helped me remember passwords on old user names. I downloaded the hack so I could change old stuff for my old accounts I wasn't using. I think there are thousands of inactive user accounts. I did not find the same info available anymore.
I would hope we all use critical passwords that are as secure as possible, AND an easy way to remember them so you don't have to write them down.
A question to a legal mind here. Say I die and therefore no one knows my passwords. I assume the executor of my trust would be able to access what would be needed fairly easily, correct?
Upper and lower case, with numbers too, never any real words and never any keyboard patterns. I never deviate from this.
SJG
Although jmh1978 would seem to be a bit of an outlier :)
Go to hackedpasswords.com
SJG
And here now, a Lifeboat Forum, in case there are ever any temporary TUSCL outages. Go ahead and register now. At least keep the URL some place safe.
But warning, if there are troll posts, I can't be spending time dealing with that, so that member will be subjected to moderation if not a complete post prohibition. It is mostly for if there are any problems with TUSCL, to keep the community together. But people do have to limit their talk to the rules of the host, much different than the rules of TUSCL.
http://testosteronelifeboat.freeforums.n…
Art of the Pimp, by Dennis Hof
https://www.amazon.com/Art-Pimp-Search-D…
I don't think much of Hof, and you know his title is a play on DJT's book.
Nevertheless, I would probably enjoy reading this, just to try and understand him and where he is coming from. One thing Hof has said is that he "only dates prostitutes". That I have definitely come to understand.
Led Zeppelin, full concert, I believe Earl's Court. Awesome.
https://www.youtube.com/watch?v=NfwZfGAK…
part 2
https://www.youtube.com/watch?v=Ba-LngVj…
Do you like the blues influenced Led Zeppelin with its strong bass, or do you go with the progressive rock which though seemingly blues derived has lost the strong bass? I go with the former. No reason to give up the strong bottom end.