UK study: Passwords often easy to crack CNN) -- Computer passwords are supposed to be secret. But psychologists say it is possible to predict a password based on the personalities of users or even what is on their desks. Objects around the office may not seem important. But they may help someone to crack your computer password and masquerade as you, sending e-mails, accessing files and even plundering your online bank account. According to a recent British study, passwords are often based on something obvious. Around 50 percent of computer users base them on the name of a family member, partner or a pet. Thirty percent look to a pop idol or sporting hero. Such password inspirations could be a problem. "Particularly if you are a fan of a football club. Then you might well have something related to that football club on your desk at the office. You might have a mug or a pen. And if someone wants to try to hack into your system, then they might try using that as your password," said Helen Petrie of City University in London. It is not always that easy. Psychologists say passwords often reflect something about our subconscious. Users may not even know what inspires them to chose one word rather than another. "It seems to be something about the first thing that comes into your mind when you're asked to give a password," Petrie said. According to Petrie, 10 percent of users pick passwords that reflect some kind of fantasy. Often these contain sexual references. And 10 percent use cryptic combinations. They are among the toughest to break. To protect online customers, financial institutions advise them to enhance security by using random words and letters and to change a password frequently. "Even with the strongest, fastest computer these days, it still takes some time to crack a strong password," said Eugene Law of Cash Financial Services Group. Experts say that whatever you do, do not base a password on your own name or date of birth. And when you are asked to select a password, do not simply type in password. That one is not too hard to crack. -- so... what are some of YOUR passwords!?
what a joke. Your odds of guessing someones password in 5 tries is about 1%. 1% is pretty damn good. The only systems that are vunerable to this are systems that do not lock your account after "x" amount of invalid tries. Any sensative accounts will lock you out or at least take note of this. Also, most sensitive accounts will force a password change after x amount of days. Just trying to scare people. If you password is subjected to an easy guess, then you deserve it cracked. Also, take note of this: Most people use the same password over and over again on different systems. Keep this in mind; Most cgi/perl/ect... systems that allow you to change your password online (BBS ... like this are a prime example) can have your password easily compromised. All an admin has to do is admin your account, view the source of the page, and see your password. If you use this password over and over again, then they can pretty much access just about anything else of yours.
