Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

for about 80% of protected home networks i’ve accessed the password ends up being someone in the home’s phone number.. not sure if it’s just because it’s often the only 8+ character string of numbers people readily have memorized or if it’s just lazy isp’s that set it that way (and lazy owners who never change it afterwards)..?


Yep, in public compromises of large sets of WPA passphrases, more than 50% of them are phone numbers. This is why we offer a CloudCracker dictionary which includes every valid NANP number in it: https://www.cloudcracker.com/dictionaries.html


It's the ISPs. Every time I move the tech resets my password to my home phone number.

I'm sure it cuts down their support, but it usually means brute forcing only need worry about the last four digits.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: