UPDATED: Sarah Palin's password: "popcorn"

Thu Sep 18, 2008 11:46AM EDT

See Comments (2)

Buried in the coverage of the hacking of the Sarah Palin Yahoo! Mail account incident is a troubling fact: Her password was woefully inadequate. How sad was it? Well, it was "popcorn." (please see update below)

Speculation has been running rampant about how the hackers got into the account, but my bet is that the attackers simply ran through a list of common passwords using brute force methods, hoping to get lucky with a hit. Such lists of frequently-used passwords and common names are easy to find on the web and in hacking software programs, and in fact these lists can be instructive to regular users in showing them what not to pick as a password.

The Palin incident is not at all an issue of the importance of frequently changing your password (which is largely useless) but rather of picking a good password to begin with. (One researcher found that you can crack a full 24% of people's passwords by simply trying the 1,000 most common passwords plus the 100 most common suffixes, a hack that a good computer can perform in about two minutes.) In other words: If you change your password from "password" to "popcorn," it doesn't matter how frequently you make the switch. If you've got a password that's easy to guess, no matter how fresh it is, once someone gets it in their mind to hack into your account, you're finished.

Need help selecting a password that doesn't stink? Check out this advice, pronto. And pass the popcorn.

UPDATE: Alternating (and possibly more complete) reports than the one linked above provide additional detail, noting that the hacker changed Palin's password to "popcorn" after resetting it through a "forgot my password" link. If that's the case, please see this post about how such links have become the "easy way in" for hackers, and I apologize for impuning Palin's password-selection capabilities. Still, the same basic rules about easily-guessible passwords apply to your password reset information. Also, this still stands as a good opportunity for everyone to think about how secure their passwords are.

POLL: Is your password an English word?

Comments on UPDATED: Sarah Palin's password: "popcorn"

Post a Comment

Join in the discussion. Here you'll see the comments in the order they were posted.

  • 1 Posted by dcsoccer25 on Thu Sep 3, 2009 3:39PM EDT Report Abuse

    Well it just goes to show you, can't ever be too careful. This does remind me, I should probably start changing my passwords, it's been a while...

  • 2 Posted by le103433 on Thu Sep 3, 2009 4:58PM EDT Report Abuse

    The entire story is bizarre and frighening . One of the two doesn't know how to work on computers the other leaves herself vulnerable for intruders. In this age of high tech it is highly recommended that whoever takes control must be careful and knowledgeable about the ins and outs of computers otherwise these Chinese and Russian folks will have a free ride just like those hackers. The qualities of leadership go beyond ideological positions and display of charm.

More Posts: 1

Post a Comment

Sign In to Post a Comment

My Tech

Please enable your browser's cookies to activate the My Tech column.

Also on Yahoo! Tech

Computers Home Office Wi-Fi & Networking Phones & PDAs Cameras & Camcorders TV & Home Theater Portable Audio
 

Site Map | Tour | Subscribe to Yahoo! Tech

Question and Answer content at Yahoo! Tech is written by Yahoo! users at Yahoo! Answers. Yahoo! does not evaluate or guarantee the accuracy of any Yahoo! Answers content. For more information, read the Full Disclaimer.

Opinions expressed by the Advisors are their own and do not necessarily reflect the views of Yahoo! Inc. Yahoo! receives no compensation from any manufacturer or distributor nor does it compensate any Advisor for the coverage of any product or service in any Advisor's content.