You may have read about a security breach at Gawker Media, the company behind several websites including Lifehacker.
The server files have been posted at various locations around the web, so I thought I’d take a look. Finding your own email address and decrypted password in a file obtained online is a sobering experience, I can tell you. Fortunately, it was not a password that I use elsewhere, so no damage done. It was, however, a ridiculously “soft” password (all digits, if you must know).
Of course, my thoughts soon turned to data analysis. A quick and dirty bash one-liner reveals the top 10 passwords…
cut -d " " -f 3 parsed_db.txt | \
awk '{count[$1]++} END {for (j in count) print j, count[j]}' | \
sort -nrk2 | head

123456 3057
password 1955
12345678 1119
lifehack 661
qwerty 418
abc123 333
111111 311
monkey 300
consumer 273
12345 253
OK, now I don’t feel quite so bad. At least my digits were mixed up a little…
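The same frequency count, as an added example rather than the post's own one-liner, wrapped in shell functions over a small constructed sample file so it can be run offline. The column layout (email, hash, password, space-separated) is assumed from the `cut -d " " -f 3` in the one-liner above; the sample rows are made up. It also reports what share of the passwords are all digits, since that is the kind of "soft" password the post owns up to.

```shell
#!/bin/sh
# Added example, not the post's own script. Constructs a sample file in the
# assumed layout "email hash password" and reports the most common passwords
# the way the post's one-liner did over the leaked database.

SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT

# Constructed sample rows (not real breach data).
cat > "$SAMPLE" <<'EOF'
a@example.com h1 123456
b@example.com h2 password
c@example.com h3 123456
d@example.com h4 qwerty
e@example.com h5 123456
f@example.com h6 password
g@example.com h7 20071225
EOF

# top_passwords FILE N -> prints "password count" for the N most common passwords.
# sort | uniq -c replaces the awk associative-array count; the final awk
# swaps the columns so the output matches the post's "value count" layout.
top_passwords() {
  cut -d ' ' -f 3 "$1" | sort | uniq -c | sort -rn | head -n "$2" \
    | awk '{print $2, $1}'
}

# most_common FILE -> the single most common password.
most_common() {
  top_passwords "$1" 1 | cut -d ' ' -f 1
}

# digit_only_share FILE -> whole-number percentage of passwords that are all digits.
digit_only_share() {
  awk '{ total++; if ($3 ~ /^[0-9]+$/) digits++ }
       END { printf "%d\n", (digits * 100) / total }' "$1"
}

echo "Top 3 passwords:"
top_passwords "$SAMPLE" 3
echo "All-digit passwords: $(digit_only_share "$SAMPLE")%"
```

On the constructed sample this prints `123456 3` and `password 2` at the top, and 57% of the rows are all-digit passwords. Running the same functions against a real export is a quick audit of how much of a user base is relying on guessable strings.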
Next, I exported my GMail address book and used R to match the email addresses in the file. I won’t bore you with the details. I found four of my contacts (one password still encrypted, three cracked) and notified them. Hopefully, they won’t think my uncharacteristic Twitter DMs are further evidence of a breach.
Take-home message: use strong passwords. Change them from time to time and don’t use the same one for multiple sites. It can happen to the best of us.
I have been slowly changing my “soft” password over the last few months to something a little stronger, and I never keep it the same as my email address. Events like this make me glad that I took the time.
I owe you one, Neil. Thanks to your sleuthing I changed my password the moment I got your DM.