California legislation prohibits the use of weak passwords such as admin; see how programmers set passwords

Foreign media outlet TechCrunch reported on October 6 that California has just passed a law that prohibits the use of default passwords such as "admin", "123456" and the classic "password" in all new consumer electronic products after 2020.

The bill requires that manufacturers of networked hardware products must use unique pre-programmed passwords, or require users to change the password the first time they use it.

Weak passwords have always been an effective and low-cost avenue for exploitation. For many years, botnets have harnessed poorly secured connected devices to direct large volumes of Internet traffic at websites, the so-called distributed denial-of-service (DDoS) attack. Botnets usually rely on default passwords, which are hard-coded into the device when it is built and which users do not change afterwards.

Tencent engineer uses the default password to hack hotel WiFi


On the morning of September 25, 2018, during a cyber security conference in Singapore, a Tencent security engineer hacked the WiFi of his hotel.
Zheng Dutao, 23, is a security engineer for Tencent. When staying at the Fragrance Hotel in Singapore, the engineer was curious about whether the hotel’s WiFi server had loopholes.

Zheng Dutao successfully hacked into the hotel WiFi server and published the server password of the hotel administrator in a blog post titled "Exploit Singapore Hotels". The article caught the attention of the Singapore Cyber Security Agency (CSA), which subsequently arrested him.

On September 24, Zheng Dutao was fined 5,000 Singapore dollars by the Singapore National Court for his violent behavior.

During his stay in the hotel, he successfully searched Google for the default username and password of the hotel’s WiFi system. After accessing the hotel WiFi gateway, Zheng Dutao began to execute scripts in the next three days, cracking files and passwords, and finally successfully logged in to the hotel WiFi server database.

What are the weakest passwords


SplashData, a US password management application company, publishes a list of "the weakest passwords of the year" every year.
On the 2017 list, "123456" still holds first place, as it did from 2013 to 2016. "Password" has held second place for four consecutive years.

In addition to variants of the above two passwords, the top ten also includes "qwerty", which is based on keyboard key order, as well as "letmein" (let me in), "football" and "iloveyou".

It is worth mentioning that "starwars" made the list for the first time, ranking 16th, perhaps due to the effect of "Star Wars: The Last Jedi". The position of "dragon" inspired by "Game of Thrones" has also risen one place to 18th.

The picture above is the top 25 in the ranking of the weakest passwords published by Splashdata.

It is reported that this list sampled more than 5 million password leak cases, mainly from users in North America and Western Europe. However, the research content does not include leaked information from the widely influential Yahoo mailbox and adult websites. As a result, statistical data can better reflect daily online life.
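The bill's two options (a unique pre-programmed password per device, or a forced change on first use), combined with a denylist of the weak passwords named above, can be sketched as follows. This is an added example, not part of the original article; `factory_password`, `is_acceptable` and `DeviceAccount` are hypothetical names, and the 10-character minimum and PBKDF2 iteration count are assumptions.

```python
import hashlib
import hmac
import secrets

# Weak passwords named in this article (not the full SplashData list).
WEAK = {"admin", "123456", "password", "qwerty", "letmein",
        "football", "iloveyou", "starwars", "dragon"}


def factory_password(nbytes: int = 12) -> str:
    """Option 1: unique random password per device, set at manufacture."""
    return secrets.token_urlsafe(nbytes)  # 12 random bytes -> 16 characters


def is_acceptable(candidate: str, username: str = "") -> bool:
    """Reject short passwords, listed weak ones, and the username itself."""
    low = candidate.lower()
    return len(candidate) >= 10 and low not in WEAK and low != username.lower()


def _digest(password: str, salt: bytes) -> bytes:
    # Salted, slow hash so the stored value is not the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


class DeviceAccount:
    """Hypothetical admin account on a connected device."""

    def __init__(self, username: str, shipped_password: str):
        self.username = username
        self.must_change = True  # Option 2: shipped password must be replaced
        self._set(shipped_password)

    def _set(self, password: str) -> None:
        self.salt = secrets.token_bytes(16)
        self.stored = _digest(password, self.salt)

    def login(self, password: str) -> str:
        if not hmac.compare_digest(_digest(password, self.salt), self.stored):
            return "denied"
        return "change_required" if self.must_change else "ok"

    def change_password(self, old: str, new: str) -> bool:
        ok = self.login(old) != "denied" and new != old
        if ok and is_acceptable(new, self.username):
            self._set(new)
            self.must_change = False
            return True
        return False
```

A device in the `change_required` state should expose nothing but the password-change screen until `change_password` succeeds.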

How should a programmer set a password


Ordinary people's passwords are a combination of their birthday, English name, pinyin, and specific numbers, which are easy to remember. How do programmers' combinations of letters, symbols, and numbers differ?
I usually hear that programmers are boring, boring, and unromantic, but after reading the following programmer-specific passwords, I feel like a fortress!!!
  
Password: ppnn13%dkstFeb.1st,
Explanation: Pingping niaoniao (graceful and slender), just past thirteen; a cardamom bud on the branch tip in early February

Password: Tree_0f0=sprintf("2_Bird_ff0/a")
Explanation: Two yellow orioles sing among the green willows

Password: csbt34.ydhl12s
Explanation: Three or four patches of green moss on the pond, one or two calls of the yellow oriole under the leaves

Password: for $n(@RenSheng) $n+="die"
Explanation: Since ancient times, who in life has not died?

Password: while(1) Ape1Cry&&Ape2Cry
Explanation: The apes on both banks cry without cease

Password: doWhile(1){LeavesFly();YangtzeRiverFlows();}
Explanation: Boundless leaves fall from the woods, the endless Yangtze River rolls on

Password: tcmlflw,syred>febhua]
Explanation: I stop my carriage, loving the maple forest at dusk; the frosted leaves are redder than February flowers

Password: dig? F*ckDang5
Explanation: Noon on the day of hoeing

Password: 1dcypsz1/2jss1/2j#f00
Explanation: A setting sun spreads across the water; half the river shimmers green, half the river is red

Password: hanshansi.location()!∈[gusucity]
Explanation: Hanshan Temple outside Gusu City

Password: hold?fish:palm
Explanation: You cannot have both fish and bear's paws

Finally, give everyone a question to see if you can guess the explanation of the password:

ps!see(5tl)shit!say(man)

Origin blog.51cto.com/13626762/2544507