RockYou password analysis





In case you haven't heard, the popular site RockYou was hacked not too long ago, leaking 32 million passwords. Yes, I said 32 MILLION. Today on Slashdot an anonymous poster gave us something to really get into over this sad story: an analysis of those passwords.

Let's take a step back and look at the initial leak and what caused this issue. TechCrunch reveals something very important:

Earlier today news spread that social application site RockYou had suffered a data breach that resulted in the exposure of over 32 Million user accounts. To compound the severity of the security breach, it was found that RockYou are storing all user account data in plain text in their database, exposing all that information to attackers. RockYou have yet to inform users of the breach, and their blog is eerily silent – but the details of the security breach are going from bad to worse.


This is a very important lesson to all of you. Don't write down or store your passwords anywhere. If you do, hash them so that not even you know what they say :) Now that we have covered what happened, let's take a gander at the cool analysis that has presented itself to us. It covers the top 10 most commonly used passwords:


1. 123456
2. 12345
3. 123456789
4. Password
5. iloveyou
6. princess
7. rockyou
8. 1234567
9. 12345678
10. abc123


If seeing your password up there doesn't make you a little squeamish :-P then check out this pie chart, which is also found in the article:

[Image: pie chart]


Thanks to net-security.org for providing this analysis to all of us. Click here to read more on this. Only 3.81% of users used special characters. WOW. For those of you that don't know password security... here are some tips that you should be aware of:


  1. Each password should be 8 characters
  2. Each password should contain:

    • Upper and Lower case characters: aA bB yY
    • Special Characters: ^ * ( [ ]
    • Numbers: 1 7 0 - NEVER in sequential order.

  3. Don't pick a lifer password. This is a password that you use EVERYWHERE. Try to find something about the site or application to make it unique. For example: g33kSm@sh!
  4. Don't repeat up to your last 10 passwords in your history. Adding a digit is fine as long as it's not sequential. This is good: Month 1: g33kSm@sh!1 Month 2: g33kSm@sh!7 etc.
  5. Finally, don't share or store your password anywhere.
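
The tips above, together with the top 10 list, written as a password checker. This is an added example, not part of the original post; it assumes tip 1 means a minimum of 8 characters and that "sequential" means three or more digits counting up or down by one, and the function names are made up for this sketch.

```python
import string

# The top 10 list from the post, lowercased so "Password" and "password" both match.
TOP10 = {"123456", "12345", "123456789", "password", "iloveyou",
         "princess", "rockyou", "1234567", "12345678", "abc123"}
MIN_LENGTH = 8  # tip 1, read here as a minimum (assumption)


def has_sequential_digits(pw, run=3):
    """True if pw contains `run` digits in a row counting up or down by 1."""
    for i in range(len(pw) - run + 1):
        chunk = pw[i:i + run]
        if all(c in string.digits for c in chunk):
            steps = {int(b) - int(a) for a, b in zip(chunk, chunk[1:])}
            if steps in ({1}, {-1}):
                return True
    return False


def check_password(pw):
    """Return the list of tips that pw fails; an empty list means it passes."""
    problems = []
    if pw.lower() in TOP10:
        problems.append("on the top 10 list")
    if len(pw) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    if not (any(c.islower() for c in pw) and any(c.isupper() for c in pw)):
        problems.append("needs upper and lower case")
    if not any(c in string.punctuation for c in pw):
        problems.append("needs a special character")
    if not any(c in string.digits for c in pw):
        problems.append("needs a number")
    if has_sequential_digits(pw):
        problems.append("sequential digits")
    return problems


if __name__ == "__main__":
    # Sample inputs: three entries from the top 10 list and the post's example.
    for candidate in ("123456", "Password", "abc123", "g33kSm@sh!"):
        result = check_password(candidate)
        print(f"{candidate!r}: {'OK' if not result else '; '.join(result)}")
```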


I hope none of you out there were taken advantage of due to this RockYou incident. Remember those password tips!


