Stolen Hotmail Data Finds Simple Passwords

We've all seen the warnings about having secure passwords. Even upon account creation, many online services even include tips on how to make a secure password. It seems, though, that most users do not take heed.

IDG reports that security researcher Bogdan Calin analyzed the 10,000 stolen Windows Live Hotmail usernames and passwords that were leaked late last week and found that users are still using simple, common and downright stupid passwords.

Passwords that used simple number sequences such as 123456789 made up half of the top 10 most common passwords. The other half of the list is made up of names alejandra, alberto, and alejandro, which lead Calin to believe that the passwords were stolen by a phishing kit targeting Latinos.

Security sites recommend that passwords should contain a combination of letters, numbers and other characters. Calin found that just 6 percent of the Hotmail passwords met such standards of complexity, but more than 60 percent were either lower case letters only, or numbers.

Interestingly, the longest password Calin found was "lafaroleratropezoooooooooooooo".

The top 10 passwords were:

   1. 123456

   2. 123456789

   3. alejandra

   4. 111111

   5. alberto

   6. tequiero

   7. alejandro

   8. 12345678

   9. 1234567

  10. estrella

Create a new thread in the US News comments forum about this subject
This thread is closed for comments
Comment from the forums
    Your comment
    Top Comments
  • randomizer
    TheresaCI am able to create and manage strong unique password because I use a good password manager(it's web-based), Mitto ( It's free, secure, and easy to use.

    Wait... you give all of your passwords to one website?
  • JasonAkkerman
    Whats up with all the Hispanic names?
  • Ethuus
    So the combination is... one, two, three, four, five? That's the stupidest combination I've ever heard in my life! The kind of thing an idiot would have on his luggage!
  • Other Comments
  • JasonAkkerman
    Whats up with all the Hispanic names?
  • Boxa786
    PPL with passwords like that have no reason to complain about there account being stolen!
  • tipoo
    CRAP! My bank pin number is the same as number one!