'Random' password 'ji32k7au4a83' used in 141 data breaches

In another language, it's not so random, or secure...

Woman typing on keyboard

The password 'ji32k7au4a83' may look like a completely random set of numbers and letters, but that exact password has appeared in 141 data breaches.

The data breaches were catalogued by website Have I been Pwned, but the number due to the apparently random password was spotted by Gizmodo, which asked the obvious question: why were so many people using the same jumble of letters and numbers as a password?

Taking up this mystery, a hardware and software engineer from Berkeley called Robert Ou, challenged his Twitter followers to find the answer.

"Fun thing I learned today regarding secure passwords: the password 'ji32k7au4a83' looks like it'd be decently secure, right? But if you check e.g HIBP, it's been seen over a hundred times. Challenge: explain why and how this happened and how this password might be guessed," he tweeted.

The tweet proved quite popular as many took up the challenge and it wasn't long before an answer was found. Taiwanese internet users decoded the answer, noting that on a Taiwanese keyboard with the Zhuyin Fuhao layout, the random assortment of numbers and letters spells out , or "w de mm," which in Mandarin, translates to "my password".

Zhuyin Fuhao layout - courtesy of Apple

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

On a Zhuyin Fuhao layout, typing the letter J and I will add to two add two of the symbols ( + ), which are displayed in the top right of the keys, but pronounced as u and o. From there the tone of the character has to be typed out, hence the 3. Simply put, Ji3 translates to "me" in English, but it's switched to "my" after you add "2k7," the next three characters in the password.

There is a slightly different system used by mainland China, which suggests that people using "ji32k7au4a83" are mainly from Taiwan and while that password has shown up in 141 data breaches, "au4a83" (password) has shown up 1,495 times.

"Password" came second in SplashData's 2018 annual poll of the worst passwords, with "123456" coming out on top. Despite living in a world of biometric security, the traditional password hasn't been completely ditched and worse, terribly simple ones are still widely used no matter the language.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/operating-systems/microsoft-windows/354297/this-exploit-could-give-users-free-windows-7-updates
Microsoft Windows

This exploit could give users free Windows 7 updates beyond 2020

9 Dec 2019