Bad Password Review


Nowadays, there are a lot of bad default passwords in the wild for Facebook, Twitter, Instagram, email and so on.

Recently, there was news that Facebook suffered a breach involving its users' passwords, which will force all users to reset the password for their account. Because of this incident, Facebook might be fined 1.6 million.

California will ban any device that uses a bad default password from being sold to users or customers. The ban will be effective on January 1, 2020, and California will come out with a better password than Password and admin. For more news on this, you can read it here.

How do we identify a bad default password?

A bad default password is a password that has been set by default by the supplier of the hardware or application. However, some users do not change the default password of the hardware or application, to make their work easier.

Examples of bad default passwords include:

  • Password123
  • Password
  • Admin
  • 12345
  • passw0rd

What is a strong and good password?

To keep users from being exposed to attackers through a weak password, they need to follow the criteria for a strong password below:

  1. A mix of characters in the password

The password should have 16 characters with a mix of uppercase (ABC), lowercase (abc), numeric (123) and symbol (!@#$) characters. This ensures that an attacker takes a long time to crack the password.

  2. Two-Factor Authentication

The user can use two-factor authentication, where a notification is sent to the user to key in the authentication code that has been sent to them by SMS or application.
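The default-password list and the mixed-character criterion above can be checked in code. The following is an added example, not part of the original post: the function names, the substitution map and the "contains a default" rule are assumptions made for illustration, and it does not cover two-factor authentication.

```python
import string

# Default passwords listed on this page.
BAD_DEFAULTS = {"Password123", "Password", "Admin", "12345", "passw0rd"}

# Assumption: a small, non-exhaustive map of common character substitutions,
# undone before comparing so that "P@ssw0rd" is treated like "password".
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "@": "a", "$": "s"})

MIN_LENGTH = 16  # length given in criterion 1


def normalize(pw: str) -> str:
    """Lowercase the password and undo common substitutions."""
    return pw.lower().translate(LEET)


# Normalize the list the same way so both sides compare consistently.
NORMALIZED_DEFAULTS = {normalize(p) for p in BAD_DEFAULTS}


def review_password(pw: str) -> list[str]:
    """Return the criteria the password fails; an empty list means it passes."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    classes = {
        "uppercase": any(c in string.ascii_uppercase for c in pw),
        "lowercase": any(c in string.ascii_lowercase for c in pw),
        "numeric": any(c in string.digits for c in pw),
        "symbol": any(c in string.punctuation for c in pw),
    }
    problems += [f"no {name} character" for name, ok in classes.items() if not ok]
    # A long password built around a default is still flagged.
    norm = normalize(pw)
    if any(default in norm for default in NORMALIZED_DEFAULTS):
        problems.append("contains a known default password")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, not real credentials.
    for sample in ("Admin", "P@ssw0rd123P@ssw0rd!", "Tr4il-Mix&Cob7lt#Vane"):
        print(sample, "->", review_password(sample) or "passes")
```

The second sample meets the length and character-mix criteria but is still rejected, because it is only a default password repeated with substitutions.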

Source: California Lawmakers Want to Ban Bad Default Password

Author: Wan Ariff

He brings with him working experience in the Information Security field, specializing in Penetration Testing and Digital Forensics. His passion lies more in IT Security.
