Flexible Security For Your Peace of Mind

“Love” conquers most in passwords

(Last updated on February 17, 2020)

Stockholm – Specops Software announced today the latest updates to the Password Blacklist, a solution to continuously check if an account in Active Directory is using a leaked password. Analysis reveals the most common words used in password combinations are related to love.

Specops Password Blacklist has been updated to include more than 2 billion passwords, available as a secure list in the cloud or stored locally in the customer’s environment. In-depth analysis of 120 million passwords revealed the following findings for password combinations:

  • “Love” was the most common word
  • The second most common word was “evil”
  • There are twice as many instances of the word “freak” compared to “saint”.

More non-English leaked passwords were also added in this update. Some of the most common passwords in other languages were also related to love: “woaini” (I love you in Chinese), “älskling” (sweetheart in Swedish) or “kochanie” (loved one in Polish).

“One of the strengths of our Blacklist is that it includes more than just English-language passwords,” said Lori Osterholm, CTO at Specops Software. “Some of the most popular leaked passwords lists don’t support foreign-language words, like the Swedish word “älskling”, and organizations relying on such lists may be, unknowingly, increasing their risk factor.” 

Specops Password Blacklist works together with Specops Password Policy so that companies and organizations can block all passwords found on the password blacklist, making it easy to comply with industry regulations, like NIST or Cyber Essentials. The service blocks people from choosing banned passwords and informs as to why they cannot use the password.

“Widespread password-spraying and credential-stuffing attacks appear in the news every week,” Osterholm said. “If an IT admin wants to prevent hackers from gaining access to their environments through these attacks, a blacklist service is a must. With today’s update, Specops Password Blacklist continues to show why it’s a market leader for Active Directory. We are focused on making Blacklist a continuously-updated source of leaked passwords for people everywhere.”

Learn more about how Specops Password Blacklist can help continuously protect Active Directory environments from leaked passwords.  

About Specops Software
Specops Software is the leading provider of password management and authentication solutions. Specops protects your business data by blocking weak passwords and securing user authentication. With a complete portfolio of solutions natively integrated with Active Directory, Specops ensures sensitive data is stored on-premises and in your control. Every day thousands of organizations use Specops Software to protect business data.

Media Contact
Aimée Ravacon, Specops Software, +46846501241
Aimee.ravacon@specopssoft.com

  • Was this Helpful ?
  • Yes   No

Tags:

Back to Blog

Related Articles

  • Checking for Pwned Passwords in Active Directory

    If you are trying to fulfill a regulation requirement like that of NIST, you might find yourself tasked with attempting to set up your Active Directory environment to check for leaked passwords against an external blacklist. For many, Have I Been Pwned (HIBP) is the list they want to check against. HIBP is one of…

    Read More
  • Password dictionary overview and best practice

    As long as users continue using common/predictable passwords, dictionary attacks will continue to work. Hackers are not the only ones who can take advantage of password predictability. The best protection against a dictionary attack is using a dictionary during the password creation process. This means checking future passwords against such dictionaries, and preventing users from…

    Read More
  • NIST Password Standards

    The National Institute of Standards and Technology (NIST) sets the information security standards for federal agencies. Through its Special Publication (SP) 800-series, NIST helps organizations meet regulatory compliance requirements such as HIPAA, and SOX. The recent update to the NIST password standards (SP) 800-63-3 flips the script on widely accepted password policies, challenging its effectiveness…

    Read More

© 2020 Specops Software. All rights reserved. Privacy and Data Policy