10 Passwords You Should Never Use

If you chose an easy-to-remember password, such as your user name or even the word "password," we advise you to change it ASAP. Easily-guessed passwords can compromise your personal identity, privacy and financial accounts.

Researchers from the University of Maryland's A. James Clark School of Engineering in College Park, have quantified how frequently unsecured computers are the victims of hacker attacks.

Here's the shocking news: On average, they happen every 39 seconds. That's more than 2,000 times a day for a single computer.

Those hackers have a string of common passwords and user names they use to penetrate unsecured PCs. If you thought you were being clever by using your user name as your password, note this: Fully 43 percent of all password-guessing attempts simply re-entered the user name.

The top 10 most common passwords:
1. Your user name
2. Your user name followed by 123
3. 123456
4. password
5. 1234
6. 12345
7. passwd
8. 123
9. test
10. 1

On TV and in film, hackers have been portrayed as people with grudges who target specific institutions and manually try to break into their computers. But in reality, study leader Michel Cukier says, "Most of these attacks employ automated scripts that indiscriminately seek out thousands of computers at a time, looking for vulnerabilities. Our data provide quantifiable evidence that attacks are happening all the time to computers with Internet connections. The computers in our study were attacked, on average, 2,244 times a day."

The team set up weak security on four Linux computers with Internet access, then recorded what happened as the individual machines were attacked. They discovered the vast majority of attacks came from relatively unsophisticated hackers using "dictionary scripts," a type of software that runs through lists of common usernames and passwords attempting to break into a computer.

The top 10 most common user names:
1. root
2. admin
3. test
4. guest
5. info
6. adm
7. mysql
8. user
9. administrator
10. oracle

What do hackers do once they gain access to your computer? This was the most common sequence of actions:

  • Check the accessed computer's software configuration.
  • Change the password.
  • Check the hardware and/or software configuration again.
  • Download a file.
  • Install the downloaded program.
  • Run the downloaded program.
What are the hackers trying to accomplish? "The scripts return a list of 'most likely prospect' computers to the hacker, who then attempts to access and compromise as many as possible," Cukier says. "Often they set up 'back doors'--undetected entrances into the computer that they control--so they can create 'botnets,' for profit or disreputable purposes." A botnet is a collection of compromised computers that are controlled by autonomous software robots answering to a hacker who manipulates the computers remotely. Botnets can act to perpetrate fraud or identity theft, disrupt other networks, and damage computer files, among other things.

Protect your computer: The single best step to help protect your computer and identity is to use up-to-date PC security software, such as McAfee Internet Security Suite, which provides comprehensive, multi-layered computer security against inbound and outbound Internet threats. It helps protect you from viruses, spyware, hackers, unwanted e-mails, phishing scams and identity theft. In addition to anti-virus, anti-spam and anti-spyware protection, the McAfee Internet Security Suite offers firewall protection, identity threat prevention, parental controls and more. For information on the McAfee Internet Security Suite, click here.

News, Photo and Web Search