As you may have noticed, the website of Stratfor Global Intelligence was breached at the end of 2011, and 200 GB of data was stolen during the hack. The stolen data, which consists of passwords and credit cards, was published publicly.
Security experts pulled the stolen data and used an automated password-cracking tool, Hashcat, to crack the passwords, and found that most Stratfor subscribers were using ‘simple to guess’ passwords.
Those simple passwords are “123456,” “11111111,” and “123123.” Other terribly insecure passwords: “111222333444,” “12345678901,” “administration,” “123456789abc,” “12345stratfor,” “hello123,” “lawenforcement” and “intelligence.” – According to SecurityNewsDaily
Who is to blame for this poor security?
I would say both parties: the subscriber and the web developer. Firstly, the developer enforced a minimum of six characters and at least one numeric value. That is not sufficient for good security. The developer should have enforced a stricter rule for creating passwords.
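To make the gap concrete, here is an added example (not code from Stratfor or from this post) that runs the passwords quoted above through the six-characters-plus-a-digit rule and through a stricter check. The 12-character minimum, the context-word list and the run thresholds are assumptions chosen for illustration.

```python
import re

# Passwords quoted in the post from the cracked Stratfor dump.
LEAKED = ["123456", "11111111", "123123", "111222333444", "12345678901",
          "administration", "123456789abc", "12345stratfor", "hello123",
          "lawenforcement", "intelligence"]

# Assumed context words (site name and topic) that users tend to pick.
CONTEXT_WORDS = ("stratfor", "intelligence", "lawenforcement", "administration")

def stated_policy(pw):
    """The rule the post describes: at least six characters, at least one digit."""
    return len(pw) >= 6 and any(c.isdigit() for c in pw)

def has_sequence(pw, run=4):
    """True if pw has `run` consecutive ascending or descending characters (1234, dcba)."""
    for step in (1, -1):
        count = 1
        for a, b in zip(pw, pw[1:]):
            count = count + 1 if ord(b) - ord(a) == step else 1
            if count >= run:
                return True
    return False

def stricter_policy(pw, blocklist=frozenset(LEAKED), min_len=12):
    """Return the reasons a password is rejected; an empty list means accepted."""
    low = pw.lower()
    reasons = []
    if len(pw) < min_len:                      # assumed minimum length
        reasons.append("too short")
    if low in blocklist:                       # previously leaked passwords
        reasons.append("known leaked password")
    if any(w in low for w in CONTEXT_WORDS):
        reasons.append("contains site-related word")
    if has_sequence(low):
        reasons.append("sequential characters")
    if re.search(r"(.)\1{2,}", low):           # same character 3+ times in a row
        reasons.append("repeated characters")
    if len(set(low)) < 6:
        reasons.append("too few distinct characters")
    return reasons

def audit(passwords=LEAKED):
    """Map each password to (passes stated rule, stricter-rule rejection reasons)."""
    return {pw: (stated_policy(pw), stricter_policy(pw)) for pw in passwords}

if __name__ == "__main__":
    for pw, (ok, why) in audit().items():
        print(f"{pw:16} stated rule: {'pass' if ok else 'fail'}  stricter: {', '.join(why)}")
```

Even with the blocklist emptied, every password on the list is still rejected by at least one of the structural checks.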
The end user is also to blame for this poor security. A strong password should be complex and long. I don’t think the web developer would stop a subscriber from creating a complex password, and hence the blame cannot be placed on the developer totally. If you are still not sure about creating a strong password, you can always refer to my post on how to create a strong password.
I don’t have to stress the importance of a strong password. Simple passwords such as the ones mentioned should not appear in any system, especially as the number of hacking cases has increased over the years.
Lastly, if you are concerned about whether your account was compromised in this hack, you can always refer to this page to check.