10 million passwords unmasked

Guarding against password theft is a serious business. There have been some high-profile security hacks, e.g. TalkTalk. Password dumps appear regularly on various sites, in clear text. A security researcher, Mark Burnett, went one step further and collected 10 million passwords, gathered from the various password dumps.

An analysis of the passwords used reveals an interesting profile of password selection.

For example, the most used base phrases (4+ characters):

1. passwords
2. qwerty
3. qwer
4. dragon
5. qazwsx
6. alex
7. love
8. monkey
9. master
10. shadow

These are very easy passwords to crack, and most offline password cracking techniques would manage to unmask them.

Password entropy measures how unpredictable a password is, and higher entropy makes the password harder to crack. There are a number of methods to encourage improved password entropy.
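The following is an added example, not code from the original post. It shows why a character-set entropy estimate alone overrates passwords built on the base phrases listed above, by pairing that estimate with a base-phrase check. The substitution map, the 60-bit threshold and the sample passwords are constructed assumptions.

```python
import math
import re
import string

# Base phrases exactly as listed on this page.
BASE_PHRASES = ["passwords", "qwerty", "qwer", "dragon", "qazwsx",
                "alex", "love", "monkey", "master", "shadow"]
# Assumption: a small map of common character substitutions to undo.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})
MIN_BITS = 60  # Assumption: illustrative policy threshold, not from the page.


def naive_entropy_bits(password):
    """length * log2(pool); assumes every character was chosen at random."""
    pool = 0
    if any(c in string.ascii_lowercase for c in password):
        pool += 26
    if any(c in string.ascii_uppercase for c in password):
        pool += 26
    if any(c in string.digits for c in password):
        pool += 10
    if any(c in string.punctuation for c in password):
        pool += len(string.punctuation)
    return len(password) * math.log2(pool) if pool else 0.0


def find_base_phrase(password):
    """Return the longest listed base phrase the password is built on, or None."""
    lowered = password.lower()
    # Compare both the plain form and the form with substitutions undone,
    # keeping letters only so digit and symbol padding is ignored.
    forms = {re.sub(r"[^a-z]", "", f)
             for f in (lowered, lowered.translate(LEET))}
    for phrase in sorted(BASE_PHRASES, key=len, reverse=True):
        if any(phrase in f for f in forms):
            return phrase
    return None


def assess(password):
    """Reject when the estimate is low OR a common base phrase is present."""
    bits = naive_entropy_bits(password)
    phrase = find_base_phrase(password)
    return {"bits": round(bits, 1), "base_phrase": phrase,
            "reject": phrase is not None or bits < MIN_BITS}


if __name__ == "__main__":
    for sample in ["qwerty", "Dragon2015!", "M0nk3y#77", "xK9#vT2q&LmZ"]:
        print(sample, assess(sample))  # constructed sample passwords
```

Substring matching also flags longer words that contain a listed phrase, which is a deliberate trade-off for a rejection check.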

Before you do anything, ensure there is a solid SQL Server Security Policy and a regular SQL Server - Database Server Security Audit Process ...

For full details of the analysis on the 10 million passwords