Weak passwords
From Total Malware Info
By Vitaly Kiktenko, Virus Analyst.
It was recently noticed that a lot of new malware, especially worms and viruses, uses dictionary brute-force attacks against computers on the network to spread copies of itself to their shared folders. Examples of such viruses are Virus.Win32.Alman.a and Worm.Win32.Fujack.a. These viruses try to connect with the “Administrator” or “Guest” account using one of the following passwords:
zxcv qazwsx qaz qwer !@#$%^&*() !@#$%^&*( !@#$%^&* !@#$%^& !@#$%^ !@#$% aasdf sdfgh !@#$ 654321 123456 12345 1234 123 111 1234 password 6969 harley 123456 golf pussy mustang 1111 shadow 1313 fish 5150 7777 qwerty baseball 2112 letmein 12345678 12345 ccc admin 5201314 qq520 1 12 123 1234567 123456789 654321 54321 111 000000 abc pw 11111111 88888888 pass passwd database abcd abc123 sybase 123qwe server computer 520 super 123asd Ihavenopass godblessyou enable xp 2002 2003 2600 alpha 110 111111 121212 123123 1234qwer 123abc 007 a aaa patrick pat administrator root sex god foobar secret test test123 temp temp123 win pc asdf pwd qwer yxcv zxcv home xxx owner login Login pw123 love mypc mypc123 admin123 mypass mypass123
These passwords are considered “weak” because they are too easy to guess. Using such passwords is not safe, not only because viruses can easily infect your PC but also because other people can gain access to your confidential data.
A strong password consists of a minimum of six characters (the more characters, the stronger the password). A combination of both uppercase and lowercase letters also makes the password stronger. Strong passwords usually avoid words found in the dictionary, do not contain parts of the user’s name, and should never belong to a series such as mypass123, mypass124, mypass125 and so on. A combination of two or more words with a mixture of uppercase and lowercase letters usually makes a strong password.
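The criteria above can be enforced when a password is set. The following check is an added example, not code from the original article: the function name `weaknesses`, the account name `j.smith`, the three-character threshold for name parts and the trailing-digit test for a "series" are assumptions made for illustration.

```python
import re

# Excerpt (lowercased) of the two malware password lists quoted on this page;
# a real deployment would load the complete lists from a file.
WORM_DICTIONARY = {
    "zxcv", "qazwsx", "qaz", "qwer", "!@#$%^&*()", "123456", "password",
    "letmein", "qwerty", "abc123", "admin", "admin123", "mypass", "mypass123",
    "test123", "ihavenopass", "administrator", "changeme", "sa", "sql",
    "dbpassword", "pass1234", "password1",
}
MIN_LENGTH = 6  # minimum length stated in the article


def _stem(password):
    """Lowercase the password and drop trailing digits ("MyPass124" -> "mypass")."""
    return password.lower().rstrip("0123456789")


def weaknesses(password, username="", previous=()):
    """Return the article's rules that `password` breaks (empty list = passes)."""
    reasons = []
    lowered, stem = password.lower(), _stem(password)
    if len(password) < MIN_LENGTH:
        reasons.append("too short")
    if password == lowered or password == password.upper():
        reasons.append("no mixed case")
    # Exact hit, or a listed word with digits appended ("Admin2007").
    if lowered in WORM_DICTIONARY or stem in WORM_DICTIONARY:
        reasons.append("dictionary word")
    # Parts of the account name of 3+ characters ("j.smith" -> "smith").
    parts = [p for p in re.split(r"[^a-z0-9]+", username.lower()) if len(p) >= 3]
    if any(p in lowered for p in parts):
        reasons.append("contains user name")
    # Same word as an earlier password with only the trailing number changed.
    if stem != lowered and any(_stem(old) == stem for old in previous):
        reasons.append("numbered series")
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs: (candidate, account name, earlier passwords).
    samples = [("mypass124", "j.smith", ["mypass123"]),
               ("Admin2007", "j.smith", []),
               ("CopperLanternRiver", "j.smith", [])]
    for candidate, user, old in samples:
        print(candidate, "->", weaknesses(candidate, user, old) or "passes")
```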
Password dictionary attacks are also performed on SQL servers by some of the more advanced backdoors. The main purpose of such backdoors is to search for exploits and weaknesses on network machines and report them to the attackers. For example, Backdoor.Win32.VanBot searches the network for computers running MS SQL Server and tries to connect to the DB administrator account using one of the following passwords:
administrator administrador administrateur administrat admins admin adm password1 password passwd pass1234 pass pwd 007 1 12 123 1234 12345 123456 1234567 12345678 123456789 1234567890 2000 2001 2002 2003 2004 test guest none demo unix linux changeme default system server root null qwerty mail outlook web www internet accounts accounting home homeuser user oem oemuser oeminstall windows win98 win2k winxp winnt win2000 qaz asd zxc qwe bob jen joe fred bill mike john peter luke sam sue susan peter brian lee neil ian chris eric george kate bob katie mary login loginpass technical backup exchange fuck bitch slut sex god hell hello domain domainpass domainpassword database access dbpass dbpassword databasepass data databasepassword db1 db2 db1234 sa sql sqlpassoainstall orainstall oracle ibm cisco dell compaq siemens hp nokia xp control office blank winpass main lan internet intranet student teacher staff
To better protect your valuable data from this kind of attack, we recommend using specialized “strong” password generation software. It is also a good idea to change passwords frequently, for example at least once a week.





