'Random' password 'ji32k7au4a83' used in 141 data breaches

In another language, it's not so random, or secure...

Woman typing on keyboard

The password 'ji32k7au4a83' may look like a completely random set of numbers and letters, but that exact password has appeared in 141 data breaches.

The data breaches were catalogued by website Have I been Pwned, but the number due to the apparently random password was spotted by Gizmodo, which asked the obvious question: why were so many people using the same jumble of letters and numbers as a password?

Advertisement - Article continues below

Taking up this mystery, a hardware and software engineer from Berkeley called Robert Ou, challenged his Twitter followers to find the answer.

"Fun thing I learned today regarding secure passwords: the password 'ji32k7au4a83' looks like it'd be decently secure, right? But if you check e.g HIBP, it's been seen over a hundred times. Challenge: explain why and how this happened and how this password might be guessed," he tweeted.

The tweet proved quite popular as many took up the challenge and it wasn't long before an answer was found. Taiwanese internet users decoded the answer, noting that on a Taiwanese keyboard with the Zhuyin Fuhao layout, the random assortment of numbers and letters spells out , or "w de mm," which in Mandarin, translates to "my password".

Zhuyin Fuhao layout - courtesy of Apple

Advertisement
Advertisement - Article continues below

On a Zhuyin Fuhao layout, typing the letter J and I will add to two add two of the symbols ( + ), which are displayed in the top right of the keys, but pronounced as u and o. From there the tone of the character has to be typed out, hence the 3. Simply put, Ji3 translates to "me" in English, but it's switched to "my" after you add "2k7," the next three characters in the password.

Advertisement - Article continues below

There is a slightly different system used by mainland China, which suggests that people using "ji32k7au4a83" are mainly from Taiwan and while that password has shown up in 141 data breaches, "au4a83" (password) has shown up 1,495 times.

"Password" came second in SplashData's 2018 annual poll of the worst passwords, with "123456" coming out on top. Despite living in a world of biometric security, the traditional password hasn't been completely ditched and worse, terribly simple ones are still widely used no matter the language.

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now
Advertisement

Recommended

Visit/security/ransomware/356292/university-of-california-gets-fleeced-by-hackers-for-114-million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Visit/security/cyber-security/356289/australia-announces-135b-investment-in-cybersecurity
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
Visit/cloud/cloud-security/356288/csa-and-issa-form-cybersecurity-partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Visit/business/policy-legislation/356215/senators-propose-a-bill-aimed-at-ending-warrant-proof-encryption
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular

Visit/business/business-operations/356395/nvidia-overtakes-intel-as-most-valuable-us-chipmaker
Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020
Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/security/cyber-attacks/356417/trump-confirms-cyber-attacks-on-russia-election-trolls
cyber attacks

Trump confirms US cyber attack on Russia election trolls

13 Jul 2020