Imperva recently announced an update to their analysis of the 32 million passwords that were exposed by the RockYou site earlier this year. The update is concerned with a specific analysis of the spanish passwords included in the breach, of which there were just over 2 million. Imperva together with Spanish marketing firm Agua Marketing found the following breakdown of password preferences – note that almost half of the passwords are based on personal names.
The full report in Spanish is here.
1 comment:
It's hard to take these results seriously due to the way the sample passwords were picked from the RockYou list as a whole. Aka it's not surprising that half the passwords represented Spanish names when passwords were included in the test set as 'Spanish' because they included Spanish names. The same goes for the other categories. This becomes obvious when you notice there is no 'other' category.
While there are cultural differences in how people create passwords, without the usernames, it is extremely hard to subdivide the RockYou list up to identify these differences. Imperva would have been better off analyzing a smaller list like the Hotmail list which was primarily composed of Spanish and Portuguese speakers.
Post a Comment