While all attempts have been made to verify information provided in this publication,
the Publisher assumes no responsibility for errors, omissions, or contrary interpretation
of the subject matter herein. Any perceived slights of specific persons, peoples, or
organizations are unintentional.
In practical advice books, like anything else in life, there are no guarantees of income
made. Readers are cautioned to rely on their own judgment about their individual
circumstances to act accordingly.
This book is NOT intended for use as a source of legal, business, accounting or financial
advice. All readers are advised to seek services of competent professionals in legal,
business, accounting and finance fields.
I want to impress upon you that they have NOTHING to do with my own views,
language, manners or mindset! If you would be upset by reviewing such offensive
language and related words, I URGE you:
Please refrain from reading further! STOP NOW and close the
document … OR read on – at your own risk.
Table of Contents
Terms and Conditions
LEGAL NOTICE
Offensive Language WARNING!
Foreword
The Phishing of MySpace
Beware of phishing! It just grew bigger these days…
Recent attempts on Skype…
What's My Pass? has a bigger list even
TOP 500 Most Common Passwords Used Online
Recommendations
Why I think YOU should use an automatic solution to stay safe & protected
A recommended solution: RoboForm Password Manager & Automatic Form Filler
Foreword
The Internet is a place of both fabulous marvels beyond imagination AND at the same
time a dark pit of hidden deceptions, stolen identities and innumerable threats poised
at YOU, the innocent user/surfer.
Have no doubt!
Read the frightening tales that follow and draw your own conclusions.
The Phishing of MySpace
October 2006
A phishing attack is actually a copy of the login page of a given site, controlled by a
hacker who receives the credentials that unsuspecting victims input in the
fields on the page.
Usually, looking closely at the URL in your browser's address bar, you would spot the
difference easily, but hackers are smart people, so they try to outwit you at that.
A very interesting method was used in the case of the MySpace phishing attack in 2006.
If you pay close attention to the following screenshot, you should notice that the login
table even has a picture to instruct the users where to look before they sign in…
…which WAS replicated on the phishing page.
Due to various anti-virus and security software that would normally detect XSS and
other devious redirects and warn you … the phishing pages may be automatically
detected quite easily these days.
http://myspace.com/login_home_index_html
… which proved 'good enough' for their purpose.
This way they tricked 47.380 users before the attack was stopped!
The collected data was forwarded to a web server located in Spain, where the attackers
would harvest it later.
The main takeaway from this analysis is that whenever you are going to input your
credentials into the login fields, it is very important to check that you're on a legitimate
page.
TIP: Better type in the root domain name in the browser's address bar yourself, or use a
previously saved bookmark of YOUR OWN – never use any link that you receive in
a message (be it an email, a Skype message, etc…) because you may be tricked into
clicking on a fake link, no matter how cool that link looks.
Beware of phishing! It just grew bigger these days…
Don't read this as if it were just a funny story or a Bogeyman tale for bedtime…
See?.. I am sure all the above 47k+ people thought the same!
You will be horrified to see how many results you will get; how much phishing software
and how many similar “How To Guides” are out there teaching young hacker wannabes the simple
basics of phishing as well as many other hacks.
I am a member of various Skype chat channels – I use Skype extensively to keep in close
contact with friends and business partners from all around the world.
Normally, no one should click on these, but the twisted mind trick is this…
…after a few attempts, when the hackers manage to get hold of someone's Skype
account, they also get access to all the contact lists of the victim and
block that victim's access back to Skype!
As a result, the links are spreading from your own friends (pretty much like the chain
letters or hoax emails work too) – so people have their security shields very low, so
to speak.
This document is not intended to be an extensive course on security, but at least the
minimal concepts should be obvious by now:
* IF you really want to check unsolicited links you receive from ANYBODY, rather
type them into your browser (or not at all) BUT DO NOT CLICK!
The Hacking of db.Singles.org
February 2009
Singles.org, a Christian dating site, was suddenly getting a lot of attention online. A
security flaw was reported and many people (hackers included) swarmed upon it to see
the 'goodies'.
The problem they had was due to an absolutely unforgivable lack of any minimal
security protocols in place.
Singles.org was using - at that time - querystring parameters to identify a user and the
mode the page displayed in.
As a result, anyone could switch to edit mode without any authentication in place.
The account numbers they used were short (6 digits only), so even an undergraduate
'hacker' could simply generate random numbers to see what comes up … and boy, lots
and lots of accounts were coming up!
Once given access to any account, the perpetrator could easily have updated it and started
impersonating the original owner.
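The design flaw described above, next to a corrected handler, as an added example (not code from Singles.org or from the original report). The parameter names `id` and `mode`, the host name and the sample profiles are assumptions made up for illustration.

```python
import secrets
from urllib.parse import parse_qs, urlsplit

# Constructed sample data; six-digit account numbers as the text describes.
PROFILES = {
    "100001": {"name": "alice", "bio": "hello"},
    "100002": {"name": "bob", "bio": "hi there"},
}
SESSIONS = {}      # server-side map: session token -> account number
DENIED_LOG = []    # denied edit attempts, kept for detection and alerting


def login(account_id):
    """Stand-in for a real login: issue an unguessable session token."""
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = account_id
    return token


def _params(url):
    query = parse_qs(urlsplit(url).query)
    # "id" and "mode" are assumed parameter names, not taken from the site.
    return query.get("id", [""])[0], query.get("mode", ["view"])[0]


def handle_insecure(url, new_bio=None):
    """The flawed design: identity and edit rights come from the URL alone."""
    account_id, mode = _params(url)
    profile = PROFILES.get(account_id)
    if profile is None:
        return 404, None
    if mode == "edit" and new_bio is not None:
        profile["bio"] = new_bio          # nobody was asked to prove anything
    return 200, dict(profile)


def handle_secure(url, session_token=None, new_bio=None):
    """Same routes, but the server decides who the caller is."""
    account_id, mode = _params(url)
    profile = PROFILES.get(account_id)
    if profile is None:
        return 404, None
    if mode != "edit":
        return 200, dict(profile)         # read-only view
    caller = SESSIONS.get(session_token)  # None when not logged in
    if caller is None:
        DENIED_LOG.append(("unauthenticated", account_id))
        return 401, None
    if caller != account_id:              # logged in, but not the owner
        DENIED_LOG.append((caller, account_id))
        return 403, None
    if new_bio is not None:
        profile["bio"] = new_bio
    return 200, dict(profile)


if __name__ == "__main__":
    url = "https://dating.example/profile?id=100002&mode=edit"
    print(handle_insecure(url, new_bio="changed by a stranger"))
    alice = login("100001")
    print(handle_secure(url, alice, new_bio="changed by alice"))
    print(DENIED_LOG)
```

A burst of entries in `DENIED_LOG` that walks through many account numbers from one caller is the pattern to alert on.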
The worst thing happened because many of this website's members were in fact using
the same login credentials cross-platform.
As such, once a valid username and password combination was obtained, it was also tried
on various other social networking sites, like Twitter and FaceBook, for starters.
4chan on FaceBook
The hacking group known as '4chan' really did this, its members starting to post racist,
sexist or hateful messages through these mediums, impersonating their victims.
The same online group is known to be responsible for hacking former Alaskan governor
Sarah Palin's email account and spreading hoax news about a spate of celebrity deaths…
Once inside a victim's FaceBook account, the hackers started to 'play' with nasty
messages - some being a bit humorous, but mostly NOT!
In one instance, they superimposed a target's face on to a picture of a naked woman and
published it on her Facebook page; afterwards, they pretended to have uploaded the
wrong picture by mistake.
This one is not even so bad after all – kinda like some black humor (although I bet Zak's
relatives weren't quite happy) … BUT the next ones are really nasty!
The car accident – Steven & the homeless…
The hackers got hold of the account of a person called Steven
(no relationship with me folks, ha, ha…)
The 'faked' Steven pretended he had just hit someone in a car accident (a homeless man)
and was trying to cover his tracks, looking for comfort and advice from his FaceBook
friends (kinda stupid, huh?)
Some people were trying to convince Steven to go to the police and report the accident,
while he was 'thinking' of going back and making the body disappear…
The next two cases have strong words and language related to sex – you may jump
OVER them with this link: JUMP OVER to Next Chapter
The case of pious Sarah & the Reverend…
4chan's members chose a woman's profile this time (Sarah), 'pretending' she was drunk…
and talking a bit on the 'dirty' side…
Being initially harvested from Singles.org, the profile was actually one of a religious
woman, who would not act like that in any circumstances in real life – BUT wait to see the
reaction of Reverend Jeffery who knew Sarah personally…
The case of HOT Tracy… and the love cave!
This one is absolutely delicious - about a GREAT - long awaited for - sex she had
recently with the stallion named Micheal. Enjoy!
Heh!…
YOU Are in Danger!
Of course all these examples - as well as many others that you will find documented on a
blog called The Coffee Desk…
…just helped me prove how dangerous it could be to have your password
harvested from somewhere and then used to access:
more and more social network accounts,
maybe your email accounts and finally
PayPal, or
your bank accounts as well
This is no joke…
You ARE in danger!
(we all are…)
The file 'cristian.txt' (containing the complete list hacked from the Singles.org database)
was shared all around the Internet at the time … and it is reported in the above article
that some of the pictures – posted online by 4chan members directly in a bragging
attempt – contained traces that the hackers were using the logins to access even more
accounts, not only FaceBook…
There were Yahoo mail tabs open in those pics for instance…
While most of the cases were more or less trying to make fun (bad taste fun maybe, but
still…) there were others desperately trying to make these ones stop!
BUT
They were not attempting to be the 'Good Jedi' on the right side of “The Force” in doing so … in fact
they were upset that their sneaky tactics would be left worthless by the uproar on
FaceBook.
You see, they just wanted to silently change the 'secret recovery question' of their
victims' email accounts along with the passwords.
This way, the said victims would completely lose control of everything in their accounts,
without any possibility for a future recovery.
As we all know, many websites offer password recovery for lost login credentials, so a
hacker wouldn't need to know or have a list of all your logins,
BUT …
… only of your main email account.
From there they can start asking for password changes all around the social networks
and really, really 'steal' your online presence from you.
It is very easy to spot these weak security websites if you go to the 'Lost Password' page
and try that feature.
1. IF you get from them an email containing your password in plain text, that
means the password is stored in plain text format in their database too, hence
very dangerous in case the file gets hacked at any time in the future.
2. However, if you get an auto-generated temporary password or you are instructed
to go to a special page on the website to make a new password because the
old one was reset at the time of your recovery request, that means the site owners
don't have access themselves to the passwords, which are securely stored in hash
form.
On top of this, always keep the good habit of using different passwords for different
sites, because
The Hacking of phpBB
February 2009
On February 6th, 2009 Robert Graham - CEO of Errata Security - published an article
(on the Dark Reading Blog) about the newest hack of the time:
4% of passwords appear to reference things nearby
o "samsung" was a very popular password, maybe because it's the brand name of the
monitor people are looking at when typing…
There are a lot of names of home computers as well, like:
o "dell"
o "packard"
o "apple"
o "pavilion"
o "presario"
o "compaq"
The analysis goes deeper and deeper, but for the purpose of this report, it would be
enough to take note that the password length distribution was as follows:
o 1 character 0.34%
o 2 characters 0.54%
o 3 characters 2.92%
o 4 characters 12.29%
o 5 characters 13.29%
o 6 characters 35.16%
o 7 characters 14.60%
o 8 characters 15.50%
o 9 characters 3.81%
o 10 characters 1.14%
o 11 characters 0.22%
Given the fact that the vast majority of the passwords were, furthermore, dictionary
passwords, the average length of 6 characters shows a very disturbing trend.
People are still not adequately educated even on the basics of computer and internet security…
It is very easy to devise software that would crack all these passwords in a matter of
hours, 1-2 days at the most – even for quite a large database sample.
The Lists of The Most Common
Passwords Used Online
3 Combined Lists:
MySpace +
phpBB +
Singles.org
Guys, please use the following passwords lists ONLY for the purpose of AVOIDING
16 0.1 monkey 118 141 0.03 banana 33
17 0.1 dragon 115 142 0.03 james 33
18 0.1 trustno1 112 143 0.03 asdfasdf 33
19 0.09 111111 107 144 0.03 victory 33
20 0.09 iloveyou 105 145 0.03 london 33
21 0.09 1234567 102 146 0.03 123qwe 33
22 0.08 shadow 98 147 0.03 123321 33
23 0.08 123456789 95 148 0.03 startrek 32
24 0.08 christ 95 149 0.03 george 32
25 0.08 sunshine 93 150 0.03 winner 32
26 0.08 master 92 151 0.03 maggie 32
27 0.08 computer 90 152 0.03 trinity 32
28 0.08 princess 88 153 0.03 online 32
29 0.07 tigger 84 154 0.03 123abc 32
30 0.07 football 83 155 0.03 chicken 32
31 0.07 angel 79 156 0.03 junior 32
32 0.07 jesus1 76 157 0.03 chris 32
33 0.07 123123 76 158 0.03 passw0rd 31
34 0.07 whatever 76 159 0.03 austin 31
35 0.06 freedom 74 160 0.03 sparky 31
36 0.06 killer 73 161 0.03 admin 31
37 0.06 asdf 71 162 0.03 merlin 31
38 0.06 soccer 71 163 0.03 google 31
39 0.06 superman 71 164 0.03 friends 31
40 0.06 michael 71 165 0.03 hope 31
41 0.06 cheese 66 166 0.03 shalom 31
42 0.06 internet 65 167 0.03 nintendo 30
43 0.06 joshua 65 168 0.03 looking 30
44 0.05 fuckyou 64 169 0.03 harley 30
45 0.05 blessed 64 170 0.03 smokey 30
46 0.05 baseball 63 171 0.03 7777 30
47 0.05 starwars 59 172 0.03 joseph 30
48 0.05 0 59 173 0.03 lucky 30
49 0.05 purple 58 174 0.03 digital 30
50 0.05 jordan 58 175 0.03 a 30
51 0.05 faith 58 176 0.03 thunder 30
52 0.05 summer 57 177 0.03 spirit 30
53 0.05 ashley 57 178 0.02 bandit 29
54 0.05 buster 56 179 0.02 enter 29
55 0.05 heaven 55 180 0.02 anthony 29
56 0.05 pepper 53 181 0.02 corvette 29
57 0.04 7777777 52 182 0.02 hockey 29
58 0.04 hunter 52 183 0.02 power 29
59 0.04 lovely 51 184 0.02 benjamin 29
60 0.04 andrew 51 185 0.02 iloveyou! 29
61 0.04 thomas 51 186 0.02 1q2w3e 29
62 0.04 angels 51 187 0.02 viper 29
63 0.04 charlie 50 188 0.02 genesis 29
64 0.04 daniel 50 189 0.02 knight 28
65 0.04 1111 49 190 0.02 qwerty1 28
66 0.04 jennifer 49 191 0.02 creative 28
67 0.04 single 49 192 0.02 foobar 28
68 0.04 hannah 49 193 0.02 adidas 28
69 0.04 qazwsx 48 194 0.02 rotimi 28
70 0.04 happy 48 195 0.02 slayer 28
71 0.04 matrix 48 196 0.02 wisdom 28
72 0.04 pass 48 197 0.02 praise 27
73 0.04 aaaaaa 48 198 0.02 zxcvbnm 27
74 0.04 654321 47 199 0.02 samuel 27
75 0.04 amanda 47 200 0.02 mike 27
76 0.04 nothing 47 201 0.02 dallas 27
77 0.04 ginger 46 202 0.02 green 27
78 0.04 mother 46 203 0.02 testtest 27
79 0.04 snoopy 46 204 0.02 maverick 27
80 0.04 jessica 46 205 0.02 onelove 27
81 0.04 welcome 46 206 0.02 david 27
82 0.04 pokemon 45 207 0.02 mylove 27
83 0.04 iloveyou1 45 208 0.02 church 27
84 0.04 11111 45 209 0.02 friend 27
85 0.04 mustang 45 210 0.02 god 27
86 0.04 helpme 45 211 0.02 destiny 27
87 0.04 justin 44 212 0.02 none 26
88 0.04 jasmine 44 213 0.02 microsoft 26
89 0.04 orange 44 214 0.02 222222 26
90 0.04 testing 44 215 0.02 bubbles 26
91 0.04 apple 43 216 0.02 11111111 26
92 0.04 michelle 43 217 0.02 cocacola 26
93 0.04 peace 42 218 0.02 jordan23 26
94 0.04 secret 42 219 0.02 ilovegod 26
95 0.04 1 42 220 0.02 football1 26
96 0.04 grace 42 221 0.02 loving 26
97 0.04 william 42 222 0.02 nathan 26
98 0.04 iloveyou2 41 223 0.02 emmanuel 26
99 0.04 nicole 41 224 0.02 scooby 26
100 0.04 666666 41 225 0.02 fuckoff 26
101 0.04 muffin 41 226 0.02 sammy 26
102 0.04 gateway 41 227 0.02 maxwell 26
103 0.04 fuckyou1 41 228 0.02 jason 25
104 0.03 asshole 40 229 0.02 john 25
105 0.03 hahaha 40 230 0.02 1q2w3e4r 25
106 0.03 poop 40 231 0.02 baby 25
107 0.03 blessing 40 232 0.02 red123 25
108 0.03 blahblah 40 233 0.02 blabla 25
109 0.03 myspace1 39 234 0.02 prince 25
110 0.03 matthew 39 235 0.02 qwert 25
111 0.03 canada 39 236 0.02 chelsea 25
112 0.03 silver 39 237 0.02 55555 25
113 0.03 robert 39 238 0.02 angel1 25
114 0.03 forever 39 239 0.02 hardcore 25
115 0.03 asdfgh 38 240 0.02 dexter 25
116 0.03 rachel 38 241 0.02 saved 25
117 0.03 rainbow 38 242 0.02 112233 25
118 0.03 guitar 38 243 0.02 hallo 25
119 0.03 peanut 37 244 0.02 jasper 25
120 0.03 batman 37 245 0.02 danielle 25
121 0.03 cookie 37 246 0.02 kitten 25
122 0.03 bailey 37 247 0.02 cassie 24
123 0.03 soccer1 37 248 0.02 stella 24
124 0.03 mickey 37 249 0.02 prayer 24
125 0.03 biteme 37 250 0.02 hotdog 24
The previous table shows the number of passwords from the three lists above that would
have been cracked in a brute force attack using one of the four wordlists presented.
It strongly suggests that such an attack would have revealed appreciable numbers of the
user passwords, due to the weaknesses we have analyzed.
Nowadays, the various software solutions that may be used to crack such a list, as well as
computer speeds, have increased exponentially.
The results may vary considerably in such a case (for the worse!)
Bogdan Calin recently ran a new analysis of over 10.000 Windows Live email accounts
whose credentials were anonymously posted by a hacker on the PasteBin website – the
results have been posted on the Acunetix Security Blog.
We should notice that this time the sample contains far more accounts of Spanish-speaking
people (look at the names!) – so it would be safe to assume that the phishing was
targeted towards the Latino community.
13. 000000 - 7
14. roberto - 7
15. 654321 - 6
16. bonita - 6
17. sebastian - 6
18. beatriz - 6
19. mariposa - 5
20. america - 5
“iloveyou”
and its Spanish equivalent in this case
“tequiero”
To make things worse, at a later date - only a few days later - the same hacker posted an
even larger sample of over 30.000 accounts on the same site mentioned initially:
PasteBin.
Studying all the accounts from the first 10.000, Dmitry Evteev from PT Research
noticed that all the entries began with the letters a and b, suggesting that in fact a
much larger database was hacked from Hotmail.
Given the letter frequency distribution in the dictionary and the size of the a-b sample
studied, Evteev deduced that there were probably over 150.000 accounts harvested!
RockYou hack – The ‘Godzilla’ database
December 2009
"RockYou – the website providing a series of widgets most popular with MySpace and
Facebook users - has been hacked!"
- announced Imperva first, followed by the Guardian and a few other blogs.
Imperva said RockYou was hacked using an SQLi (SQL Injection) attack.
This is a very popular technique (as we have seen before in the case of Christians.org)
that works against sites using SQL databases to dynamically create pages for specific
users.
Basically the hackers would insert commands written in the SQL database query
language into web site queries.
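How that insertion works, and how a bound parameter stops it, as an added example (not RockYou's code and not part of the original report). The table, column names and sample rows are constructed for illustration.

```python
import sqlite3


def make_db():
    """In-memory table of constructed sample users (not real accounts)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (email TEXT PRIMARY KEY, widget TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [
            ("ann@example.test", "slideshow"),
            ("raj@example.test", "glitter text"),
            ("o'neil@example.test", "countdown"),
        ],
    )
    return db


def widgets_insecure(db, email):
    """User input is pasted into the SQL text, so it can change the query."""
    sql = "SELECT email, widget FROM users WHERE email = '" + email + "'"
    return db.execute(sql).fetchall()


def widgets_safe(db, email):
    """The value travels separately from the SQL text as a bound parameter."""
    sql = "SELECT email, widget FROM users WHERE email = ?"
    return db.execute(sql, (email,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    crafted = "nobody' OR '1'='1"   # constructed input containing SQL syntax

    # Concatenation: the quote ends the string literal and the rest is
    # executed as SQL, so the WHERE clause matches every row in the table.
    print(len(widgets_insecure(db, crafted)), "rows leaked")

    # Bound parameter: the same input is only ever compared as a value.
    print(widgets_safe(db, crafted))

    # A legitimate address with an apostrophe also breaks the concatenated
    # query (syntax error), while the parameterized one handles it.
    try:
        widgets_insecure(db, "o'neil@example.test")
    except sqlite3.OperationalError as exc:
        print("insecure query failed:", exc)
    print(widgets_safe(db, "o'neil@example.test"))
```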
Lessons to be learned
The lesson to learn and your take
Some websites are more secure than others, requesting
longer passwords,
combinations of letters with signs and numbers,
certain lengths,
denying the user's password if it matches the username,
disallowing certain most common dictionary words, etc.
on the one hand…
…while on the other hand being conscious of their own possible internal flaws and
keeping the passwords in salted hash form (not available even to their own admins)
BUT
There are also millions of other websites with much less security in place.
These may be hacked one day, or they may have their HDs stolen physically or
whatever…
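What the site-side measures listed above, and the hash-based recovery flow described earlier in the "Lost Password" passage, can look like in code. This is an added example, not taken from any site in the report; the minimum length, the PBKDF2 iteration count, the record format and the sample passwords are assumptions.

```python
import hashlib
import hmac
import secrets

# A handful of entries from this report's lists; load a full denylist in practice.
COMMON = {"password", "123456", "qwerty", "letmein", "monkey", "dragon",
          "trustno1", "iloveyou", "abc123", "111111"}
MIN_LENGTH = 12        # assumed policy value
ITERATIONS = 600_000   # assumed PBKDF2-HMAC-SHA256 work factor


def policy_problems(username, password):
    """Return every reason the candidate password is rejected (empty = ok)."""
    problems = []
    lowered, user = password.lower(), username.lower()
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if user and user in lowered:
        problems.append("contains username")
    # Also catch list entries with digits or "!" tacked on, e.g. "iloveyou1".
    if lowered in COMMON or lowered.rstrip("0123456789!") in COMMON:
        problems.append("common password")
    classes = (any(c.islower() for c in password),
               any(c.isupper() for c in password),
               any(c.isdigit() for c in password),
               any(not c.isalnum() for c in password))
    if sum(classes) < 3:
        problems.append("too few character classes")
    return problems


def hash_password(password):
    """Salted, slow hash: the stored record cannot be mailed back as a password."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password, record):
    _, iterations, salt_hex, digest_hex = record.split("$")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def register(users, username, password):
    problems = policy_problems(username, password)
    if not problems:
        users[username] = hash_password(password)
    return problems


def start_reset(resets, username):
    """Issue a one-time reset token; only its hash is kept server-side."""
    token = secrets.token_urlsafe(32)
    resets[hashlib.sha256(token.encode()).hexdigest()] = username
    return token  # mailed to the user (a real system also expires it)


def finish_reset(users, resets, token, new_password):
    key = hashlib.sha256(token.encode()).hexdigest()
    username = resets.get(key)
    if username is None or policy_problems(username, new_password):
        return False
    del resets[key]  # single use
    users[username] = hash_password(new_password)
    return True


if __name__ == "__main__":
    users, resets = {}, {}
    print(register(users, "sarah", "iloveyou1"))
    print(register(users, "sarah", "Maple-Trumpet-42-Lagoon"))
    print(users["sarah"][:40], "...")
```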
We should be the ones who stay continuously aware of the security risks involved and:
Never use the same username / password combination twice
Always use the strongest possible passwords we may come up with
Not dictionary words
Not our pet's name
Or our Mother-in-Law's
Neither the latest basketball or rock star's name
Nor the latest trends in gaming
Finally, not even the coolest 4 letter word you just learned…
TIP:
I personally use a cool piece of software (comes as a free download – so nothing to pay
for) that saved me hours and hours of typing passwords, remembering them (or not!),
but much more (automatically filling fields in web forms for me, etc…), namely
RoboForm (FREE download).
What’s My Pass?
What's My Pass? has a bigger list even
WhatsMyPass.com is a website that uses various software solutions to help its users
recover lost (forgotten) passwords.
This gives them an even larger sample of passwords used by people online,
this time coming from many different websites.
While the TOP doesn't always overlap perfectly, there are some staggering similarities
that just show once more (if needed?) how bad the situation is and how dangerously
easy it would be for even a wiz kid hacker to get access to thousands of accounts all over
the web.
This list contains patterns showing more offensive words and language, probably due to
the fact that some of the accounts must have been from porn sites and similar.
No matter how 'offensive' the word is, it is still stupid: there is a wordlist out
there that contains it.
Among the first 20 entries you will notice many of the ones we have already become
familiar with, like:
“password”
“123456”
“qwerty”
“letmein”
“fuckme”
“pussy”
etc…
No surprises, heh?
Pos Top 1-100 Top 101–200 Top 201–300 Top 301–400 Top 401–500
1 123456 porsche firebird prince rosebud
2 password guitar butter beach jaguar
3 12345678 chelsea united amateur great
4 1234 black turtle 7777777 cool
5 pussy diamond steelers muffin cooper
6 12345 nascar tiffany redsox 1313
7 dragon jackson zxcvbn star scorpio
8 qwerty cameron tomcat testing mountain
9 696969 654321 golf shannon madison
10 mustang computer bond007 murphy 987654
11 letmein amanda bear frank brazil
12 baseball wizard tiger hannah lauren
13 master xxxxxxxx doctor dave japan
14 michael money gateway eagle1 naked
15 football phoenix gators 11111 squirt
16 shadow mickey angel mother stars
17 monkey bailey junior nathan apple
18 abc123 knight thx1138 raiders alexis
19 pass iceman porno steve aaaa
20 fuckme tigers badboy forever bonnie
21 6969 purple debbie angela peaches
22 jordan andrea spider viper jasmine
23 harley horny melissa ou812 kevin
24 ranger dakota booger jake matt
25 iwantu aaaaaa 1212 lovers qwertyui
26 jennifer player flyers suckit danielle
27 hunter sunshine fish gregory beaver
28 fuck morgan porn buddy 4321
29 2000 starwars matrix whatever 4128
30 test boomer teens young runner
31 batman cowboys scooby nicholas swimming
32 trustno1 edward jason lucky dolphin
33 thomas charles walter helpme gordon
34 tigger girls cumshot jackie casper
35 robert booboo boston monica stupid
36 access coffee braves midnight shit
37 love xxxxxx yankee college saturn
38 buster bulldog lover baby gemini
39 1234567 ncc1701 barney cunt apples
40 soccer rabbit victor brian august
41 hockey peanut tucker mark 3333
42 killer john princess startrek canada
43 george johnny mercedes sierra blazer
44 sexy gandalf 5150 leather cumming
45 andrew spanky doggie 232323 hunting
46 charlie winter zzzzzz 4444 kitty
47 superman brandy gunner beavis rainbow
48 asshole compaq horney bigcock 112233
49 fuckyou carlos bubba happy arthur
50 dallas tennis 2112 sophie cream
51 jessica james fred ladies calvin
52 panties mike johnson naughty shaved
53 pepper brandon xxxxx giants surfer
54 1111 fender tits booty samson
55 austin anthony member blonde kelly
56 william blowme boobs fucked paul
57 daniel ferrari donald golden mine
58 golfer cookie bigdaddy 0 king
59 summer chicken bronco fire racing
60 heather maverick penis sandra 5555
61 hammer chicago voyager pookie eagle
62 yankees joseph rangers packers hentai
63 joshua diablo birdie einstein newyork
64 maggie sexsex trouble dolphins little
65 biteme hardcore white 0 redwings
66 enter 666666 topgun chevy smith
67 ashley willie bigtits winston sticky
68 thunder welcome bitches warrior cocacola
69 cowboy chris green sammy animal
70 silver panther super slut broncos
71 richard yamaha qazwsx 8675309 private
72 fucker justin magic zxcvbnm skippy
73 orange banana lakers nipples marvin
74 merlin driver rachel power blondes
75 michelle marine slayer victoria enjoy
76 corvette angels scott asdfgh girl
77 bigdog fishing 2222 vagina apollo
78 cheese david asdf toyota parker
79 matthew maddog video travis qwert
80 121212 hooters london hotdog time
81 patrick wilson 7777 paris sydney
82 martin butthead marlboro rock women
83 freedom dennis srinivas xxxx voodoo
84 ginger fucking internet extreme magnum
85 blowjob captain action redskins juice
86 nicole bigdick carter erotic abgrtyu
87 sparky chester jasper dirty 777777
88 yellow smokey monster ford dreams
89 camaro xavier teresa freddy maxwell
90 secret steven jeremy arsenal music
91 dick viking 11111111 access14 rush2112
92 falcon snoopy bill wolf russia
93 taylor blue crystal nipple scorpion
94 111111 eagles peter iloveyou rebecca
95 131313 winner pussies alex tester
96 123123 samantha cock florida mistress
97 bitch house beer eric phantom
98 hello miller rocket legend billy
99 scooter flower theman movie 6666
100 please jack oliver success albert
Recommendations
Why I think YOU should use an automatic solution to
stay safe & protected
Ten years ago we would have visited a handful of websites and called it a day…
Right?
It's not going to get better, but worse. We will soon have to log in to thousands of
websites – it's just natural.
And if I did my job at least half right, by now you must have seen the obvious solution:
We need different passwords on each of these websites, or else we risk having our
online identities stolen from us and used for God knows what criminal activities.
You may choose to use anything, from a slip of paper to a notebook to keep your login
credentials in handwritten form (very insecure) or even some kind of electronic
solution, like creating a file on your computer with all the passwords in it.
However, you will have to keep them close at hand and I can imagine you…
… licking a finger and turning the pages of the notebook, to find
that tricky record that just doesn't want to surface right now…
Well… do what you have to do.
While there is a PRO paid version of it that I'm using every day … you don't have to pay
anything if you don't want to.
I have chosen the paid one to have access to even greater features and extended
capabilities, especially on the side of form filling and mobile usage (you can use it even
from a mobile phone or a USB stick – cute, huh?)
However, the free version will basically cover all the needs you have related to the
dangers depicted in this report.
A recommended solution: RoboForm Password Manager
& Automatic Form Filler
The sources
Sources Used To Assemble This
Report
Use for reference and further research
Bruce Schneier on Security Blog
Jimmy Ruska's Blog
Stuart Brown's Modern Life Blog
Robert Graham on Dark Reading Blog
John Leyden on The Register Blog
Bogdan Calin on Acunetix Blog
Dmitry Evteev on PT Research Blog
admin (sic!) on WhatsMyPass Blog
WikiPedia The Free Encyclopedia on Letter Frequency