Strong passwords are your first step in securing your systems. If a
password can be easily guessed or compromised using a simple
dictionary attack, your systems will be vulnerable to hackers, worms,
Trojans, and viruses.

Trojan, virus, and worm authors have had great success attacking
systems with weak and/or default passwords. Take the IRC/Flood Trojan
for example. McAfee's virus profile states that IRC/Flood has over
120 variants and has infected over 60,000 machines in the last 30
days. IRC/Flood succeeds by checking for 22 different easy-to-guess
admin passwords (the exact set varies by variant). Unfortunately,
there are a lot more where IRC/Flood came from: W32/Tzet.worm,
W32/Random.worm, and W32.HLLW.Gaobot.gen are in the wild, just to
name three. Hackers also have no problem compromising systems with
weak passwords. Programs like L0phtCrack, for example, make the
process simple and efficient. Creating a password-cracking dictionary
is not even a challenge. Type the words "Creating Password Cracking
Dictionaries", without the quotes, into your favorite search engine.
A comprehensive dictionary can be downloaded or created from scratch
in short order. Below is a list of commonly used weak passwords that
should NEVER be used. If any of these passwords look hauntingly
familiar and are being used, you need to change the password
immediately.

Weak Passwords

A
a, A.M.I, A52896nG93096a, aaa, aammii, abc, abcd,
academia, academic, accept, access, ACCESS, account,
accounting, action, adam, ADAMS, adfexc, adm, admin,
ADMIN, Admin, admin2, administrator, Administrator,
adminttd, ADMN, admn, adrian, adrianna, adtran,
adult, Advance, ADVMAIL, aerobics, alfarome, ALFAROME,
ALLIN1, ALLIN1MAIL, ALLINONE, aLLy, ALLy, alpha,
AM, AMI, AMI!SW, AMI.KEY, AMI.KEZ, AMI?SW, AMI_SW,
AMI~, AMIAMI, AMIDECOD, amipswd, AMIPSWD, AMISETUP,
anicust, anon, anonymous, any@, ANYCOM, AP2SVP,
aPAf, APL2PP, APPLSYS, APPS, AQDEMO, AQUSER, ARCHIVIST,
Asante, ascend, Ascend, asdf, asdfgh, at4400, attack,
AURORA$ORB$UNAUTHENTICATED, AURORA@ORB@UNAUTHENTICATED,
autocad, AUTOLOG1, Award, award, AWARD?SW, AWARD_SW,
awkward

B
BACKUP, BATCH, BATCH1, BATCH2, bbs, bciim, bciimpw,
bcms, bcmspw, bcnas, bcnaspw, bell9, BIGO, bin,
bintec, BIOS, BIOSPASS, biosstar, biostar, Biostar,
BIOSTAR, BLAKE, blue, bluepw, boss, BRIDGE, browse,
browsepw

C
c, cablecom, cable-docsis, CAROLIAN, cascade,
CATALOG, cc, CCC, ccrusr, CDEMO82, CDEMOCOR, CDEMORID,
CDEMOUCB, central, CHANGE_ON_INSTALL, changeme,
checkfs, checkfsys, checksys, CHEY_ARCHSVR, circ,
cisco, Cisco router, CLARK, client, CLOTH, cmaker,
CMSBATCH, CMSUSER, CNAS, COGNOS, Col2ogro2, comcomcom,
COMPANY, Compaq, Compleri, computer, CONCAT, condo,
CONDO, Congress, CONV, CPNUC, CPRM, cr0wmt 911,
craft, craftpw, Crystal, CSPUSER, CTX_123, CTXDEMO,
CTXSYS, cust, custpw, CVIEW

D
d.e.b.u.g, d8on, daemon, Daewuu, Database, databse,
DATAMOVE, Daytec, DBSNMP, DCL, DDIC, death, debug,
DECMAIL, DECNET, default, DEFAULT, Dell, DEMO, demo,
DEMO1, DEMO8, DEMO8, demos, deskalt, deskman, desknorm,
deskres, DESQUETOP, dhs3mt, dhs3pms, diag, diamond,
DIGITAL, DISC, disttech, D-Link, dn_04rjc, dni,
DS, DSA

E
EARLYWATCH, echo, EMP, enable, eng, engineer,
enquiry, enquirypw, enter, ESSEX, EVENT, Ezsetup

F
fal, FAX, fax, FAXUSER, FAXWORKS, FIELD, field,
FIELD.SUPPORT, FINANCE, FND, foobar, friend, ftp

G
g6PJ, games, ganteng, GATEWAY, GEN1, gen1, GEN2,
gen2, glftpd, gnumpf, god, godblessyou, gonzo, gopher,
GPLD, gropher, guessme, guest, GUEST, Guest, guest1,
GUESTGUE, guestgue, GUESTGUEST

H
h6BB, hacker, halt, HARRIS, hax0r, HELGA-S, HELLO,
hello, HELP, help, HELPDESK, HEWITT RAND, hewlpack,
HLT, home, Home, HOST, HP, hp, HPDESK, HPLASER,
HPOFFICE, HPOFFICE DATA, HPONLY, HPP187, HPP187
SYS, HPP189, HPP196, HPWORD PUB, hydrasna

I
I5rDv2b2JjA8Mm, ibm, IBM, ibmcel, ihavenopass,
ILMI, inads, indspw, INFO, informix, INGRES, init,
initpw, install, Internet, IntraStack, IntraSwitch,
INTX3, INVALID, IPC, IS_$hostname, ITF3000, iwill

J
j09F, j256, j262, j322, j64, JDE, Jetform, JONES

K
kermit, kiddie, komprie, ksdjfg934t

L
l2, l3, laflaf, lantronix, LASER, LASERWRITER,
last, lesarotl, letacla, letmein, LIBRARY, lineprin,
LINK, lkw peter, lkwpeter, LKWPETER, Lkwpeter, llatsni,
locate, locatepw, login, looker, LOTUS, love, lp,
lpadm, lpadmin, lucenttech1, lucenttech2, lynx

M
MAIL, mail, MAILER, maint, maintain, maintpw,
man, manager, Manager, MANAGER, MANAGER.SYS, Master,
MASTER, masterkey, MBIU0, MBMANAGER, MBWATCH, mcp,
MDSYS, me, merlin, mfd, MFG, MGR, MGR.SYS, MICRO,
MILLER, mirc, mlusr, mMmM, MMO2, MODTEST, monitor,
MOREAU, mountfs, mountfsys, mountsys, MPE, mtch,
mtcl, MTYSYS, my_DEMARC, mypass, mypc

N
n/a, naadmin, NAMES, ncrm, NETBASE, NETCON, NETFRAME,
NetICs, netlink, netman, NETMGR, NETNONPRIV, NETOP,
netopia, NETPRIV, netrangr, netscreen, NETSERVER,
NETWORK, NEWINGRES, NEWS, news, NeXT, NF, NFI, NICONEX,
nms, nmspw, nobody, noway, NONPRIV, ntacdmax, nuucp

O
OCITEST, oem_temp, op, OP.OPERATOR, operator, OPERATOR,
OPERVAX, oracle, ORDPLUGINS, ORDSYS, OUTLN, OutOfBox,
owner

P
PAPER, pass, PASS, Pass, passwd, Passwd, PASSWORD,
password, Password, pat, patrick, PBX, pc, PCUSER,
PDP11, PDP8, PFCUser, PHANTOM, phoenix, piranha,
pmd, PO, PO8, poll, Polrty, POST, Posterie, postmast,
POSTMASTER, postmaster, POWERCARTUSER, powerdown,
PRIMARY, prime, primenet, primeos, primos, primos_cs,
PRINT, PRINTER, PRIV, private, prost, PSEAdmin,
public, PUBSUB, pw, pwd, pwp

Q
q, Q54arwms, QDI, qpgmr, qsecofr, qserv, qsrvbas,
qsvr, qsysopr, quser, qwer

R
raidzone, rcust, rcustpw, RE, read, readonly,
readwrite, REGO, REMOTE, replicator, REPORT, RJE,
rje, RM, RMAIL, rmnetlm, RMUser1, ro, ROBELLE, ROOT,
root, Root, ROOT500, ROUTER, router, RSBCMON, RSX,
rw, rwa, rwmaint

S
sa, SABRE, SAMPLE, san fran 8, SAP*, satan, SCOTT,
script, scriptkiddie, SECDEMO, secoff, secofr, secret,
secure, security, SECURITY, SER, sertafu, server,
service, SERVICE, servlet, SETUP, setup, sex, shutdown,
signa, SKY_FOX, sldkj754, smile, snake, SnuFG5,
software, sp99dd, Spacve, spcl, speedxess, SPOOLMAN,
spooml, star, STEEL, STUDENT, su, Super, super,
SUPERVISOR, support, SUPPORT, supportpw, switch,
SWITCHES_SW, Sxyz, SY_MB, sybase, sync, synnet,
SYS, sys, sysadm, SYSADM, sysadmin, sysbin, SYSDBA,
SYSLIB, syslib, SYSMAINT, SYSMAN, Sysop, system,
SYSTEM, system_admin, SYSTEST, SYSTEST_CLIG, syxz,
SZYX

T
t0ch20x, t0ch88, TCH, teacher, tech, technolgi,
tele, TELEDEMO, TELESUP, temp, temp1, TEST, test,
testing, teX1, tiara, TIGER, tini, Tiny, tlah, topicalt,
topicnorm, topicres, Toshiba, toshy99, tour, TRACE,
TRACESRV, trancell, trouble, TSDEV, TSEUG, TSUSER,
TTPTHA, tutor, TzqF

U
uClinux, UETP, umountfs, umountfsys, umountsys,
unix, User, user, USER, USER_TEMPLATE, USER0, USER1,
USER2, USER3, USER4, USER5, USER6, USER7, USER8,
USER9, USERP, uucp, uucpadm, uwontguessme

V
VAX, VESOFT, Vextrex, VMS, VNC, VRR1

W
WANGTEK, web, WebAdmin, WebBoard, webdb, weblogic,
webmaster, win, WINDOWS_PASSTHRU, WINSABRE, winterm,
wodj, WOOD, WORD, WP, wradmin, write, www

X
xljlbj, XLSERVER, xo11nE, xp, xxx, xxxx, xxxxx,
xxxxxx, xxxxxxx, xxxxxxxx, xxxxxxxxx, xyzall

Y
YES, youwontguessme, yxcv

Z
zbaaaca, Zenith, zeosx, zxcv

Numeric
0, 1, 1.1, 2, 5, 7, 12, 30, 110, 111, 123, 1111,
1234, 2002, 2003, 2222, 2600, 8429, 12345, 54321,
111111, 121212, 123123, 123456, 166816, 256256,
654321, 1234567, 1322222, 7061992, 11111111, 12345678,
19920706, 22222222, 88888888, 123456789, 1. 1, 1234qwer,
123abc, 123asd, 123qwe, 1RRWTTOOI, 240653C9467E45,
24Banc81, 3098z, 3ep5w2u, 4Dgifts, 4getme2, 4tas,
57gbzb

Other
!@#$, !@#$%, !@#$%^, !@#$%^&, !@#$%^&*, !root,
$ALOC$, $secure$, $system, %username%12, %username%123,
%username%1234, (none), ?award, }
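The practical use of a list like the one above is on the defending side: a password-change hook or provisioning script should refuse any candidate that appears on it. The following Python checker is an added example, not code from the original article or its author. It screens a candidate against a blocklist built from entries printed in the article; the embedded list is a constructed subset of the full list, the treatment of the "%username%" entries as templates expanded with the real account name, the reading of "(none)" as an empty password, and the 8-character minimum are all assumptions made here.

```python
"""Screen candidate passwords against a blocklist of known weak and default
passwords, the way a password-change hook or account-provisioning script would.

Added example; not code from the original article. The blocklist below is a
constructed subset of the article's weak-password list, and the minimum-length
rule and the expansion of the %username% entries are assumptions."""
import re
from typing import Iterable, Optional

# Constructed subset of the article's list (mixed case kept as printed there).
WEAK_PASSWORDS = [
    "admin", "Administrator", "password", "Password", "PASSWORD", "changeme",
    "letmein", "123456", "12345678", "qwer", "asdf", "root", "guest", "cisco",
    "oracle", "sa", "!@#$%", "san fran 8", "%username%12", "%username%123",
    "%username%1234",
]


def normalize(value: str) -> str:
    """Case-fold and trim so 'Admin ' and 'ADMIN' hit the same entry."""
    return value.strip().casefold()


def build_blocklist(entries: Iterable[str]):
    """Split entries into exact literals and %username% templates."""
    literals, templates = set(), []
    for entry in entries:
        if "%username%" in entry.casefold():
            templates.append(entry.casefold())  # expanded per user at check time
        else:
            literals.add(normalize(entry))
    return literals, templates


def load_blocklist_file(path: str):
    """Build a blocklist from a text file of comma-separated entries, which is
    how the article prints its list (multi-word entries are kept intact)."""
    with open(path, encoding="utf-8") as fh:
        entries = [e for e in re.split(r",\s*", fh.read()) if e.strip()]
    return build_blocklist(entries)


LITERALS, TEMPLATES = build_blocklist(WEAK_PASSWORDS)


def weakness_reason(password: str, username: str = "",
                    min_length: int = 8) -> Optional[str]:
    """Return why the password is unacceptable, or None if it passes.
    min_length=8 is an assumed local policy, not a figure from the article."""
    pw = normalize(password)
    if not pw:
        return "empty password"  # assumed to be what the article's "(none)" means
    if pw in LITERALS:
        return "appears in weak/default password list"
    if username:
        user = normalize(username)
        if pw == user:
            return "password equals username"
        for template in TEMPLATES:
            if pw == template.replace("%username%", user):
                return f"matches pattern {template}"
    if len(pw) < min_length:
        return f"shorter than {min_length} characters"
    return None


if __name__ == "__main__":
    # Constructed sample candidates, not real credentials.
    for pw, user in [("Password", "alice"), ("bob123", "bob"), ("Xk9", "eve"),
                     ("correct-horse-battery-staple", "dan")]:
        print(f"{pw!r:32} -> {weakness_reason(pw, user) or 'ok'}")
```

The check is deliberately case-insensitive: the article prints "admin", "ADMIN" and "Admin" as separate entries because some systems treat them differently, but a password that differs from a blocklisted one only by case gives no real protection. Swapping the embedded subset for the article's full list is a matter of saving it to a file and calling `load_blocklist_file`.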
Additional Information about Strong Passwords

The links below contain policies, guidelines, practices, and general
protection information about weak and strong passwords.

Password Policy from SANS
Password Security from Red Hat
How to create stronger passwords from Microsoft
Protecting Yourself from Password File Attacks from CERT Coordination Center

About The Author

Lew Newlin is CTO of Information Solutions, Inc., which operates
SiteRecon.com. SiteRecon specializes in security, email monitoring,
and web site monitoring for Internet service providers and businesses.