[ISN] Why ‘123456’ is a great password

http://www.csoonline.com/article/2455088/identity-access/why-123456-is-a-great-password.html By Antone Gonsalves CSO Online July 17, 2014 New research shows that “123456” is a good password after all. In fact, such useless credentials from a security standpoint have an important role in an overall password management strategy, researchers at Microsoft and Carleton University, Ottawa, Canada, have found. Rather than hurt security, proper use of easy-to-remember, weak credentials encourages people to use much stronger passwords on the few critical sites and online services they visit regularly. “Many sites ask for passwords, but they require no security at all,” Paul C. Van Oorschot, a Carleton professor and a co-author of the research, said. “They basically want to get the email address to contact you, but there’s nothing to protect.” Strong passwords would be more likely adopted if people learned to use them only on critical accounts, such as employer websites, online banking and e-commerce sites that store the user’s credit card number. To be effective, this group should be small. […]