Euros-Driven Football Fever Nets Dumb Passwords - silversurfer - 17 June 21
Quote:The European soccer championship (a.k.a. the Euros) is stoking maximum football fever, which has slopped over into easy-to-crack passwords. Such as, say, “football.”
That password is of course easy as pie to crack via a dictionary attack – a type of brute-force attack that involves trying thousands of random words as passwords, using sources like every word in Wikipedia’s databases or all of the words from the Project Gutenberg free eBook collection, all of which showed up in the “RockYou2021” word list released to a hacker forum earlier this moth.
Not all of the 8.4 billion entries in the 100-gigabyte RockYou2021 list were breached passwords, Have I Been Pwned creator and maintainer Troy Hunt pointed out at the time, but they’re still useful for cracking.
“This list is about 14 times larger than what’s in Pwned Passwords because the vast, vast majority of it isn’t passwords,” he tweeted. “Word lists used for cracking passwords, sure, but not real-world passwords, so they won’t be going into @haveibeenpwned.”
Beyond dictionary attacks, it’s simpler still to crack a password such as “football” with just a smidge of knowledge about human nature and current events. Unless you’ve been living under a rock for the past few months or aren’t a sports fan, you’ll know that the UEFA European Football Championship is in full swing across Europe. It was rescheduled from last summer due to the pandemic, so this year’s return to the fields is a welcome return for football fans to cheer on their teams.
Read more: Euros-Driven Football Fever Nets Dumb Passwords | Threatpost
|