We create passwords almost every day. Yes, of course, we can say that most services offer to log in through an account on Google, Facebook or other social networks, and in general Android itself can come up with passwords for you, but the problem is still acute. Why? Yes, it’s trivial because many users create and store all their passwords on an Android device, and there are also Apple and Windows. All of them are not very friendly with each other, so you still have to create passwords on your smartphone. Today we will analyze the most popular questions about this and discuss all the small details that may be useful in your work.
Let's take a closer look at password issues on Android.
How to set a password for any Android smartphone application.
Popular and rare PIN codes: statistical analysis
Xakep #269. Reverse shell 237 bytes
It's no secret that users choose numeric passwords using characteristic patterns.
In the case of a four-digit PIN, the birthday or year of birth is often indicated. Until now, all research in this area has been fragmentary, based on relatively small data samples. The American company Data Genetics a few days ago published the most complete and large-scale statistical analysis of PIN codes, using all available password databases and filtering them by digital combinations from 0000 to 9999. The total database after applying the filter amounted to 3.4 million PIN codes.
The analysis revealed several interesting facts. The most popular PIN code is 1234, set by almost 11% of users. In second place is 1111 (6%).
The twenty most popular combinations cover 26.83% of all passwords, although in a normal statistical distribution it would be only 0.2%. The following chart shows the cumulative frequency of password usage.
It is also interesting to look at the list of the rarest PIN codes throughout the entire database.
Source
Internet without problems on a very good channel
This article is in video format.
Dear, I would like to present to your attention the “Internet without Troubles” project.
Tips and tricks that every home computer user can use to protect themselves on the Internet, not just professionals in this field.
I'm just starting to generate content. I will be frankly glad to receive any comments or questions that do not allow you to sleep peacefully from an advanced audience on Habré. Thank you.
Telegram channel about online safety: https://t.me/internetnotbad
All 10,000 4-digit combinations. Is it difficult to guess the PIN code?
Despite the important role of PIN codes in the world's infrastructure, there has been no academic research into how people actually choose PIN codes.
Cambridge University researchers Sören Preibusch and Ross Anderson have corrected the situation by publishing the world's first quantitative analysis of the difficulty of guessing a 4-digit bank PIN.
Using data on password leaks from non-bank sources and online surveys, scientists found that users take the choice of PIN codes much more seriously than the choice of passwords for websites: most codes contain an almost random set of numbers. However, among the initial data there are also simple combinations and birthdays - that is, with some luck, an attacker can simply guess the treasured code.
The starting point of the study was a set of 4-digit password sequences from the RockYou database (1.7 million), and a database of 200 thousand PIN codes from the iPhone screen lock program (the database was provided by the application developer Daniel Amitay). In the graphs built from this data, interesting patterns emerge - dates, years, repeating numbers, and even PIN codes ending in 69. Based on these observations, scientists built a linear regression model that estimates the popularity of each PIN code depending on 25 factors, such as whether the code is a DDMM date, whether it is an ascending sequence, and so on. 79% and 93% of PIN codes in each set meet these general conditions.
So, users choose 4-digit codes based on just a few simple factors. If bank PIN codes were chosen this way, 8-9% of them could be guessed in just three attempts! But, of course, people are much more attentive to bank codes. In the absence of any large set of real banking data, the researchers surveyed more than 1,300 people to assess how different real PIN codes were from those already considered. Given the specifics of the study, respondents were not asked about the codes themselves, but only about their compliance with any of the above factors (increasing, DDMM format, etc.).
It turned out that people really choose their bank PIN codes much more carefully. About a quarter of respondents use a random PIN generated by the bank. More than a third choose their PIN using an old phone number, student ID number, or another set of numbers that appears random. According to the results, 64% of cardholders use a pseudo-random PIN, which is much higher than the 23-27% in previous experiments with non-bank codes. Another 5% use a digital pattern (eg 4545), and 9% prefer a keyboard pattern (eg 2684). In general, an attacker with six attempts (three with an ATM and three with a payment terminal) has less than 2% chance of guessing the PIN code of someone else's card.
| Frequency | ||
| № 1 | 1234 | 10,713% |
| № 2 | 1111 | 6,016% |
| № 3 | 0000 | 1,881% |
| № 4 | 1212 | 1,197% |
| № 5 | 7777 | 0,745% |
| № 6 | 1004 | 0,616% |
| № 7 | 2000 | 0,613% |
| № 8 | 4444 | 0,526% |
| № 9 | 2222 | 0,516% |
| № 10 | 6969 | 0,512% |
| № 11 | 9999 | 0,451% |
| № 12 | 3333 | 0,419% |
| № 13 | 5555 | 0,395% |
| № 14 | 6666 | 0,391% |
| № 15 | 1122 | 0,366% |
| № 16 | 1313 | 0,304% |
| № 17 | 8888 | 0,303% |
| № 18 | 4321 | 0,293% |
| № 19 | 2001 | 0,290% |
| № 20 | 1010 | 0,285% |
| Factor | Example | RockYou | iPhone | Survey |
| Dates | ||||
| DDMM | 2311 | 5.26 | 1.38 | 3.07 |
| DMGG | 3876 | 9.26 | 6.46 | 5.54 |
| MMDD | 1123 | 10.00 | 9.35 | 3.66 |
| MMYY | 0683 | 0.67 | 0.20 | 0.94 |
| YYYY | 1984 | 33.39 | 7.12 | 4.95 |
| Total | 58.57 | 24.51 | 22.76 | |
| Keyboard pattern | ||||
| adjacent | 6351 | 1.52 | 4.99 | — |
| square | 1425 | 0.01 | 0.58 | — |
| angles | 9713 | 0.19 | 1.06 | — |
| cross | 8246 | 0.17 | 0.88 | — |
| diagonal line | 1590 | 0.10 | 1.36 | — |
| horizontal line | 5987 | 0.34 | 1.42 | — |
| word | 5683 | 0.70 | 8.39 | — |
| vertical line | 8520 | 0.06 | 4.28 | — |
| Total | 3.09 | 22.97 | 8.96 | |
| Digital pattern | ||||
| ends with 69 | 6869 | 0.35 | 0.57 | — |
| only numbers 0-3 | 2000 | 3.49 | 2.72 | — |
| only numbers 0-6 | 5155 | 4.66 | 5.96 | — |
| repeating pairs | 2525 | 2.31 | 4.11 | — |
| same numbers | 6666 | 0.40 | 6.67 | — |
| descending sequence | 3210 | 0.13 | 0.29 | — |
| increasing sequence | 4567 | 3.83 | 4.52 | — |
| Total | 15.16 | 24.85 | 4.60 | |
| Random dialing of numbers | 23.17 | 27.67 | 63.68 |
Why change the password on your phone?
Probably no one will argue with the statement that every smartphone needs protection, and a password is one of the most reliable means. But why do you need to change previously registered data?
There are several explanations for this:
- desire to choose a different type of lock (for example, a pattern instead of a PIN code);
- in order to increase reliability (this way attackers will have less chance of choosing the right combination);
- to transfer the smartphone to another person.
You can also define your own replacement scenario. It all depends on the preferences of the device owner and the situation that forced him to change the password.
Nursery rhymes
We take any children's rhyme or counting rhyme as the basis for the password. It is advisable that it be found only in your area and not be generally known. And better than your own composition! Although any children's rhymes will do, the main thing is that the lines are firmly stuck in your head from a young age.
The password will consist of the first letters of each word. Moreover, the letter will be written in uppercase if it is the first in the sentence. We replace some letters with numbers similar in spelling (for example, “h” with “4”, “o” with “0”, “z” with “3”). If you don’t want to get too confused with replacing letters with numbers, look for a counting rhyme that already contains numbers. Don't forget about punctuation marks that separate words and sentences - they will come in handy.
Example:
And she ran after the hare.
If you don't believe it, come out!
We replace the letters “h”, “z” and “o” with similar numbers. The second, third and fourth lines begin with capital letters and are therefore written in uppercase. Include four punctuation marks. Of course, we write in Russian letters, but on the English keyboard layout.
Additional lock screen settings
If you wish, you can change the background image of the lock screen to one of the suggested ones or any from your gallery, change the signature at the bottom of the lock screen, and also change the style of displaying the clock on the lock screen and the shape of the dial buttons for entering the password.
A useful feature is the “Fake Icons” option, which allows you to replace the icon and name of the Screen Lock - Time Password application with one of the proposed ones. It is necessary if an attacker gets hold of an unlocked device - this way he will not be able to find this locking application and delete it. If desired, the application icon can be completely hidden.
Jargon and terminology
This implies the use of professional jargon that is understandable to an extremely narrow number of people. These words are much more distant from the average person than the criminal sayings that are widely covered on television and the streets of any city.
For example, you can use a hospital discharge or a tricky medical definition.
Example:
Cyclopentaneperhydrophenanthrene is a 28-letter term. It turns out to be a bit long, so I propose to throw out the vowels and dilute the remaining consonants with upper case.
Password generation and methods of remembering.
When using a password generator, the result is a meaningless and illogical set of characters. It needs to be stored somewhere. It’s interesting that many people have the habit of writing it down on a piece of paper and sticking it on the monitor. For example, in an office where there are many employees, clients and random people. With the same success, you can create a file on your desktop called “my passwords”. The effect will be the same.
So, here are some general tips for storing and remembering passwords:
1. It is better to create a new unique password for each resource.
2. There is no need to store password combinations on your computer desktop - hackers can easily break into your PC.
3. The password does not need to be kept in plain sight.
4. If the password is written down on a piece of paper, you need to create a copy of it.
5. No need to enter passwords in “strange” or suspicious sites or programs. Portal administrations never require you to provide them with a password - it is used only for login.
6. If a special program is used to store passwords, you need to create a copy of it.
Source
No one will ever guess this four-digit smartphone password
Most people set their date of birth, car number, residential address (house number and apartment number) and other numbers that are easy to remember as a password on their smartphone. However, such PIN codes are extremely easy to guess. But you can set simple four- or six-digit passwords that no one will ever guess—you don't even have to remember them. In this article, we will tell you what this pin code is and how to install it on your Android device.
The most popular passcodes on smartphones
The author of the Big Brother Camera Security program for iPhone (the program automatically takes a photo of an intruder who stole your smartphone) has added a passcode protection function. Since the interface is very similar to the standard iPhone passcode interface, it can be logical to assume that most of the number combinations are the same.
A total of 204,508 passcodes were recorded based on the number of users of the program, so now we have a rating of the most popular number combinations. This is a good addition to the well-known lists of the most popular passwords on the Internet.
The most popular combinations: 1234, 0000, 2580, 1111, 5555, 5683, 0852, 2222, 1212, 1998.
The frequency of each passcode is shown in the diagram.
The ten most popular combinations account for about 15% of all passcodes.
Unlike regular passwords, passcodes are international, so the list of popular combinations should be roughly the same in all countries, with the exception of some English four-letter words such as LOVE (5683).
Most popular combinations follow a geometric pattern, but there are exceptions. In addition to the above-mentioned word LOVE. These are combinations from 1990 to 2000, all of these ten passcodes are included in the Top 50 most popular. Additionally, all passcodes from 1980 to 1989 are in the Top 100.
As you can see from the following chart, any dates from 1930 to 2020 have a much higher frequency than random numbers (****).
Source
Passwords commonly used in Russia
As you know, we Russians have a special mentality, which is extended throughout the entire post-Soviet space, by the way. Our mentality even affects the passwords we use; we have selected the most popular ones:
- password1
- gfhjkm
- 1q2w3e4r5t6y
- hjccnz
- Russia
- cyfqgth
- Home phone number
- Cell phone number
- putin01
- habibufc
- russia2018
- vputin
- medvedev
- soto4ka
- leningrad
- xuyxuy
- baltika9
- laikos
- navalny
- eskander
- brigada
- fapfap
Online password generator
The password generator creates 9 variants of correct and difficult-to-crack passwords. Passwords are generated online; created passwords are not stored anywhere. If you are not satisfied with the resulting passwords, simply click on the “Generate” button to update the list of passwords.
By default, the password generator uses English letters, numbers and service characters. Thanks to simple and convenient settings, you can change the lists of characters, add your own, and change the password length. For more detailed instructions, see the “Password Generator Instructions” section below.
Formula
It's all about the Formula. It consists of 4 parts.
First you need a simple word . It is desirable that this word is easily translated into English and contains at least 5 characters. For example, let's take the word piano. And we write it as if it were located at the beginning of the application, with a capital letter: Pianino .
Then you will need a combination of numbers , 2-3 is enough. It is advisable not to have repetitions of symbols and consecutive numbers. Some sites may not like this. Take your birth number or lucky number to make it easier to remember.
3 parts of the password are ready. And now the icing on the cake. Choose any special character that you like, let it be a question mark “?”.
Final chord. We write down the password according to the formula that you will now compose for yourself, arranging these parts as you wish.
We compose the formula according to the principle:
Here are just some examples of what can happen:
The main thing is to remember the formula by which you will generate it. Experiment with the variations further, move the capital letter, duplicate parts, and so on.
Password generator
List of passwords
Password generator settings
Exceptions
List of symbols used
Password generator instructions
The password generator creates passwords in real time. The created passwords are not saved anywhere and are displayed only on your device (PC, tablet or smartphone).
Each time you change settings, click the “Generate” button, or reload the page, new passwords are created.
By default, English lowercase and uppercase letters, numbers and some service characters are used to generate passwords. To change the list of characters, use “Password Generator Settings”
Password generator settings
Password Length The password generator creates passwords from 5 to 30 characters in length. Initially, passwords are generated with a length of 10 characters. In general, it is not recommended to use passwords less than 7 characters long. Using longer passwords is recommended for stronger protection against hacking, but will likely be difficult to save or remember.
English and Russian letters Traditionally, English (Latin) letters are used for passwords, however, Russian letters can also be used. Russian letters significantly increase the complexity of passwords when trying to crack them by brute force, but be careful, some systems may not support passwords that contain Cyrillic. It is recommended to check first.
Numbers Numbers must be included in the password. Having numbers in a password improves the quality of the password, and passwords with numbers are easier to remember.
Special characters Passwords that contain special characters that are most resistant to hacking. During registration, many systems require that the password must include service characters. We recommend that you do not neglect the use of such symbols and include them in the generated password.
Complication methods
There are several types of combinations to protect against fraudsters:
The first few are easy to hack. It’s okay if this is access to the forum, but when the entrance to the bank’s personal account is poorly protected, then an unpleasant situation will cause a lot of problems. You can make your password more complex using several methods.
Symbols, numbers and letters
The combination of these elements guarantees a high level of safety. Security officials recommend using this combination to save information.
Register
A code of uppercase and lowercase letters will help when creating a complex password. Think in advance about how best to diversify the secret word. Often users alternate between uppercase and lowercase letters, but this method is also quite predictable. In this case, the main thing is not to forget the peculiarity of the secret word.
Changelings
Date of birth is a simple and weak password, but using this method it is easy to create a strong code. Reverse order or more complex ideas are used. For example, the surname is written using a different case, the date of birth is added in reverse order and an additional character is added between them.
This method includes all the described methods. The intended phrase or word is complicated by:
For example, we take the phrase “red wine”, make up a code of 3 letters of each word, we get “kravin”. We write this on the English layout, then “rhfdby” comes out. We further complicate it with numbers or symbols, and the password is ready.
Generator
If you do not want to waste time coming up with and developing a complex combination, then a special system for generating random passwords is recommended. Such programs create random character sets. They use most of the methods we've covered.
You can use the system online or download it to your device. All you have to do is press one button to get the combination.
The main disadvantage of this method is that such ciphers cannot be remembered. They will have to be written down or saved on the device, which is also inconvenient. In addition, self-invented code is more reliable than randomly generated code.
Popular passwords. TOP-30 Passwords to wifi, VK, mail, classmates
The most frequently used passwords have been collected on this page, look at them and never use them if you don’t want to be hacked!
At the dawn of the creation of computer technology, the first operating systems, computer networks, when programmers were just starting to think about creating functionality to differentiate access for different users, few people imagined that most user passwords would be so similar...
Today, decades later, despite the intensive work of thousands of information security specialists, 90% of users have not learned how to make good passwords for their email, Wi-Fi, and pages on social networks. This fact benefits all sorts of hackers and those who like to have fun reading other people’s letters... The majority of users use simple, familiar passwords, a list of which we publish below. This list is published for one purpose only – to open people’s eyes and warn them against creating bad passwords.
Created a simple password - helped a hacker gain access to your personal information.
How to come up with a strong password for your phone: methods for making your password more complex
A complex password is one way to protect personal information. Attackers easily hack profiles using appropriate programs, so a short combination becomes a godsend for them.
Of course, scammers use not only special software, but also viruses, social engineering, etc. A complex cipher does not guarantee that information will never be stolen, but a well-written phrase will become an obstacle in the path of hackers.
How to create the strongest password against hacking?
No one wants someone else to take over their data (social networks) - by coming up with a strong password, this will not happen. The recipe for a strong password is extremely simple and banal:
Important: You should avoid using words or expressions in your passwords.
An example of a strong password that is easy to remember for 47 year old IT manager Sasha, who owns a red BMW: IT47bmw47RED
Application-bank of passwords from Wi-Fi networks around the world
Someone must be connected to every Wi-Fi network, otherwise such a network simply would not exist. In addition, passwords for most wifi networks do not change for years; the creators of the WiFi Map Pro application took advantage of this feature. This application, after installing it on your mobile, reads all the passwords from the Wi-Fi networks to which you connected and shares them with other users of this application. Brilliant! Be sure to try this application, you will like it!
Password cracking programs: test your password strength
It's a shame when you think something is reliable, but it quickly breaks - it's especially annoying when your password is broken. It’s quite easy to check your password for hacking resistance; just use special programs:
3 more useful articles:
This program helps you regain access to locked accounts through lost passwords. Resets existing passwords...
WiFi Guard is an absolutely necessary utility for all enthusiasts with a small wireless network who want to secure it.…
WiFi Crack is a program for forgetful users or novice crackers. Allows you to brute force easily and simply...
Unlocking your phone
If you came up with a password and could not remember it, as a result of which your smartphone was blocked, you will have to use a program to select the cipher.
Tenorshare 4uKey for Android
This utility is downloaded to your PC and helps solve the locked screen problem. Sequencing:
iSkysoft Toolbox
Here's a simple algorithm to use:
This software does not support all Android smartphones; it only works on operating systems up to version 6.0. In addition, the application interface is created in English, but even with minimal knowledge it will be easy for users to understand.
An unlocking program is an extreme way to solve the problem. To avoid this problem, we recommend creating unique passwords yourself and storing them in a separate place. Even a generator cannot come up with a more secure combination than a person who uses several encryption methods at once.
