2 million account credentials stolen!


More than 2 million passwords have been stolen from popular web services such as Facebook, Google, Yahoo, Twitter, LinkedIn, etc. All the popular press are reporting on this (here is something in English and Swedish).

Now what is interesting is the analysis of the stolen passwords by Trustwave. Trustwave did a similar study over 6 years ago on passwords exposed from MySpace, and this shows that nothing has changed; if anything, password complexity is even weaker now than it was in 2006. It seems that users are choosing simplicity over complexity.

So what’s so surprising? It is quite naive to assume that we will use complex passwords, especially across our social networking accounts. This is why we are increasingly accepting single sign-on using Facebook, LinkedIn, etc., to authenticate to other web services. The last Gartner conference on identity talked about needing to re-work how we do identity, i.e. make it ‘people-centric’. Now where have I heard that one before 😉
