It's no secret that people choose dumb passwords. But when a large database of passwords gets hacked and exposed, it can still be shocking that users still go with such easy-to-guess passwords.
But that's exactly what many Adobe customers did. As it turns out, according to one password cracker, the three most popular passwords among Adobe users, whose account details were stolen by hackers, are: "123456," "123456789," and "password."
See also: The 30 Most Popular Passwords Stolen From LinkedIn [INFOGRAPHIC]
In early October, hackers breached Adobe servers and stole data on 38 million active users (not just 2.9 as Adobe initially reported). But they also accessed data on inactive users, giving the hackers access to a whopping 130 million passwords.
Thanks to the way Adobe stored and encrypted the passwords, which Ars Technica referred to as an "epic blunder," those passwords, contained in a 9.3-gigabyte file posted online, can be guessed by expert password crackers.
Which is exactly what Jeremi Gosney did. The password cracker and researcher with Stricture Consulting Group downloaded the file, deciphered six million of the passwords, and posted the Top 100 over the weekend.
The list is full of usual suspects which are very easy to guess, like "qwerty," "123123," "iloveyou," or "letmein." "123456" was used by 1.9 million people, and the longer "12345678" was used by almost 500,000 people.
Gosney warns that there is no way to verify that these are the actual passwords, because only Adobe knows the key used to encrypt them, but his team is "fairly confident in the accuracy of this list."
123456
123456789
password
adobe123
12345678
qwerty
1234567
111111
photoshop
123123
1234567890
000000
abc123
1234
adobe1
macromedia
azerty
iloveyou
aaaaaa
654321
Adobe hasn't confirmed that the passwords are legit but, in the meantime, all accounts affected in the breach have been suspended until the password is changed. The company also set up a help page for the users.
Twitter user hilare_belloc has alsocreated a website (adobe.cynic.al) that purportedly checks if an Adobe customer's password has been compromised.
Given the fact that many users reuse the same password over and over, if all 130 million passwords get cracked and exposed, the Adobe breach will be a boon for malicious hackers and one of, if not the, biggest password leaks ever.
Have something to add to this story? Share it in the comments.
Image: Mashable composite. iStockphoto, PN_Photo