How many people want to crack passwords?

November 22, 2006

There were two unrelated things today that prompted this post:
  1. Firefox 2.0 Password Manager Exploit
  2. A great post on how to recover forgotten (but still stored) passwords.

Firefox Password Exploit

As I understand the poorly written vulnerability summary: you can have all of your passwords stolen if you visit a trusted site (trusted = you have a password saved there). This can be done without your knowledge. The places to be cautious are forums, blogs, MySpace, etc., where users can affect the web page.

Recovering Lost Passwords:

Last time my dad forgot his Comcast email password, the Comcast rep convinced him that he needed a new account. They did re-setup Outlook Express for him, but in doing so they deleted his email store.

The tool, Cain and Abel, is a fairly sophisticated program that can help dig passwords (and plenty of other things) out of network traffic. It is worth noting that it only works with Ethernet adapters (no wireless), so you’ll need to convince Dad to plug in to make any use of this. I found it very easy to set up and run and was able to test sniff an FTP password in under five minutes.

And how many people are searching for ways to steal passwords?

I frequently test search volume for keywords when I stumble upon something that I hadn’t thought about in the context of SEO. I find it gives me a good perspective about the general interest level in the topic. Check out the keyword discovery stats for the top 20 ‘password’ terms:

[Image: Keyword Discovery screenshot]

To put this in perspective, as many people searched for “password crackers” as searched for “hp computer”. It’s a hostile world beyond the firewall…


  1. guest — May 4, 2010 @ 8:22 am

    Out of six billion people, a couple of million searching for the word "password" is not at all surprising. It would be a surprise if the number was smaller.

  2. Dave Naffziger — May 4, 2010 @ 4:13 pm

    Agreed. The thing that I think is notable is how many are searching
    for 'password cracker'. The same number that are searching for 'hp

