Security experts continually warn users to choose strong passwords, but it appears hackers don't bother to use complicated passwords, either. Of the 2,000 passwords recently analyzed by security firm Avast, used by hackers to illegally access information, many of the passwords were saved in plain text. Many hackers used the terms "hack," "pass," "root," or "hax."
"When a hacker finds vulnerability in a website, [they]use a special file called a 'shell' to gain control over the website," said Antonin Hyza, AVAST virus lab analyst, in a statement to SCMagazine. "Avast detects shell as malware to help administrators identify infected websites. Those shells are usually protected by passwords so no other hacker could use it."
Just 10 percent of the passwords analyzed by Hyza are considered to be strong, with him recommending a password that is at least 10 characters long. Cybersecurity experts recommend how to select stronger passwords, with free online websites also testing how strong a password is.