Most Popular passwords

Has been working in data security field for so long I always remember one password lesson that I have learn when we were back to those day we only able to using only 4 digit pin, the most common PIN beside birthdays and telephone number related then the next popular pin numbers are same digits 0000 to 9999 and continue digits 1234, 2345, 9876 etc. World haven't changes that much, even up to now, a lot of banks still allow only 4 digit pins. I always wonder why they still restricting that length of the pin, while the ANSI X9.8 PIN block standard is allowing up to 12 digits. Unless they are using some really old standards, that were over 20 years old! But then the popular pin or password still have not change much, its all blame on human nature!

So here is the list, I gathered from the book Perfect Passwords, Mark Burnett 2005.  Caution that hackers will using these popular passwords to attack your account!  Make your password hard to hack by combining upper and lower character, numbers and use words that are not in dictionaries.

NO	Top 1-100	Top 101–200	Top 201–300	Top 301–400	Top 401–500
1	123456	porsche	firebird	prince	rosebud
2	password	guitar	butter	beach	jaguar
3	12345678	chelsea	united	amateur	great
4	1234	black	turtle	7777777	cool
5	pussy	diamond	steelers	muffin	cooper
6	12345	nascar	tiffany	redsox	1313
7	dragon	jackson	zxcvbn	star	scorpio
8	qwerty	cameron	tomcat	testing	mountain
9	696969	654321	golf	shannon	madison
10	mustang	computer	bond007	murphy	987654
11	letmein	amanda	bear	frank	brazil
12	baseball	wizard	tiger	hannah	lauren
13	master	xxxxxxxx	doctor	dave	japan
14	michael	money	gateway	eagle1	naked
15	football	phoenix	gators	11111	squirt
16	shadow	mickey	angel	mother	stars
17	monkey	bailey	junior	nathan	apple
18	abc123	knight	thx1138	raiders	alexis
19	pass	iceman	porno	steve	aaaa
20	fuckme	tigers	badboy	forever	bonnie
21	6969	purple	debbie	angela	peaches
22	jordan	andrea	spider	viper	jasmine
23	harley	horny	melissa	ou812	kevin
24	ranger	dakota	booger	jake	matt
25	iwantu	aaaaaa	1212	lovers	qwertyui
26	jennifer	player	flyers	suckit	danielle
27	hunter	sunshine	fish	gregory	beaver
28	fuck	morgan	porn	buddy	4321
29	2000	starwars	matrix	whatever	4128
30	test	boomer	teens	young	runner
31	batman	cowboys	scooby	nicholas	swimming
32	trustno1	edward	jason	lucky	dolphin
33	thomas	charles	walter	helpme	gordon
34	tigger	girls	cumshot	jackie	casper
35	robert	booboo	boston	monica	stupid
36	access	coffee	braves	midnight	shit
37	love	xxxxxx	yankee	college	saturn
38	buster	bulldog	lover	baby	gemini
39	1234567	ncc1701	barney	cunt	apples
40	soccer	rabbit	victor	brian	august
41	hockey	peanut	tucker	mark	3333
42	killer	john	princess	startrek	canada
43	george	johnny	mercedes	sierra	blazer
44	sexy	gandalf	5150	leather	cumming
45	andrew	spanky	doggie	232323	hunting
46	charlie	winter	zzzzzz	4444	kitty
47	superman	brandy	gunner	beavis	rainbow
48	asshole	compaq	horney	bigcock	112233
49	fuckyou	carlos	bubba	happy	arthur
50	dallas	tennis	2112	sophie	cream
51	jessica	james	fred	ladies	calvin
52	panties	mike	johnson	naughty	shaved
53	pepper	brandon	xxxxx	giants	surfer
54	1111	fender	tits	booty	samson
55	austin	anthony	member	blonde	kelly
56	william	blowme	boobs	fucked	paul
57	daniel	ferrari	donald	golden	mine
58	golfer	cookie	bigdaddy	0	king
59	summer	chicken	bronco	fire	racing
60	heather	maverick	penis	sandra	5555
61	hammer	chicago	voyager	pookie	eagle
62	yankees	joseph	rangers	packers	hentai
63	joshua	diablo	birdie	einstein	newyork
64	maggie	sexsex	trouble	dolphins	little
65	biteme	hardcore	white	0	redwings
66	enter	666666	topgun	chevy	smith
67	ashley	willie	bigtits	winston	sticky
68	thunder	welcome	bitches	warrior	cocacola
69	cowboy	chris	green	sammy	animal
70	silver	panther	super	slut	broncos
71	richard	yamaha	qazwsx	8675309	private
72	fucker	justin	magic	zxcvbnm	skippy
73	orange	banana	lakers	nipples	marvin
74	merlin	driver	rachel	power	blondes
75	michelle	marine	slayer	victoria	enjoy
76	corvette	angels	scott	asdfgh	girl
77	bigdog	fishing	2222	vagina	apollo
78	cheese	david	asdf	toyota	parker
79	matthew	maddog	video	travis	qwert
80	121212	hooters	london	hotdog	time
81	patrick	wilson	7777	paris	sydney
82	martin	butthead	marlboro	rock	women
83	freedom	dennis	srinivas	xxxx	voodoo
84	ginger	fucking	internet	extreme	magnum
85	blowjob	captain	action	redskins	juice
86	nicole	bigdick	carter	erotic	abgrtyu
87	sparky	chester	jasper	dirty	777777
88	yellow	smokey	monster	ford	dreams
89	camaro	xavier	teresa	freddy	maxwell
90	secret	steven	jeremy	arsenal	music
91	dick	viking	11111111	access14	rush2112
92	falcon	snoopy	bill	wolf	russia
93	taylor	blue	crystal	nipple	scorpion
94	111111	eagles	peter	iloveyou	rebecca
95	131313	winner	pussies	alex	tester
96	123123	samantha	cock	florida	mistress
97	bitch	house	beer	eric	phantom
98	hello	miller	rocket	legend	billy
99	scooter	flower	theman	movie	6666
100	please	jack	oliver	success	albert

Source: Perfect Passwords, Mark Burnett 2005

How to OPT-OUT from Facebook's Facial Recognition feature that may put your privacy at risk

I have previously posted the Facebook's new facial recognition privacy problem, a lot of my friends are asking me how to OPT-OUT of this service with their own privacy concerts.  I then dig around and finally found good options for it.

I have personally tried the method 1, and method 2 seems hard to verify if its from auto tag or your friend tag you manually.  Beside method 1, rest of those methods are preventive and are only trying to confusion their system.  They are not guaranteeing to work.  I will only recommend you to use method 1.

Source: June 18, 2011- http://www.ibtimes.com/articles/165199/20110618/facebook-facial-recognition.htm
1. Disable the Facebook facial recognition auto-suggest function for photo tagging.
Go to Account (upper right corner of homepage) - Privacy Settings - Custom settings (bottom middle) - Suggest photos of me to friends - Enabled/Disabled (check Disabled)

Things others Share -> Suggest Phones of me to friends

2. Vigilantly monitor your notifications about being tagged in photos so you can be in control of this data.

3. Upload pictures of celebrities or other people and tag them as yourself. The point is to pollute Facebook’s facial recognition database of you so that its ability to identify you is weakened.

4. Request Facebook to remove your "summary information" from its facial recognition database (hat tip to PCWorld).
Login to Facebook - Click on this link - Click the "contact us" hyperlink (In the sentence "You can contact us to request that we remove all of your photo summary information") - send Facebook the automated message that pops up in the box

3D Image tool - MPO Toolbox

Recently I am planning to buy a camera that able to take 3D pictures to either replace my Panasonic DMC-ZS7 that I purchase close to a year ago. Instead of buying a full 3D camera I upgrade my camera into a Panasonic DMC-ZS10 that able to take 3D picture by panning manually (http://panasonic.net/avc/lumix/compact/zs10_tz20/3d.html). This camera will then product a MPO that consist of left and right pictures. This file is great for display it on 3D TVs. But since I do not have any 3D display or TV, but few 3D glasses (red-cyan) on hand.

Then I found a program call MPO Toolbox (http://www.stereoscopynews.com/download/software/654-mpo-toolbox.html) that can convert MPO file to anaglyph image.  Anaglyph image is a 3D image that display or print then use the red-cyan 3D glasses to view them.

Beside you converting MPO file to anaglyph image, it also can convert the MPO image to JPEGS, JPS and Dubois (a variation of anaglyph).  Give it a try if you have a 3D with some MPO images and wanted to convert them it into specific format, this will be your handy tool.

[Update 6/21/2011] After I test it for few different MPO file from varies of devices, I found that it fails to open some of them.  Now I will not recommend you using it unless you trying to get a quick and easy batch file conversion.  Then this will be a good tool to perform such task.

Facebook's Facial Recognition - a lot of privacy issues

I was just became aware that Facebook is going to use facial recognition technology on its large collection of members' photo database. Facebook claims that it will help identify people for their members through use of this new service.  Facial recognition biometric technology has been available for a while and it works well.  The technology has been used by passport offices all over the world, DoD, DMV, varies of law enforcement agents and private sectors.

Facebook has an estimated 60 billion photos from individuals in its database, and it is already has knowledge of every individual member's relationship with each other.  If Facebook is going to perform facial mining through facial recognition technology to all of its members photos, it will further expand Facebook's knowledge onto its members and non-members.

What are the problems, you may ask?
Firstly, Facebook can extend its knowledge of its members.  With the biometric technology it's able to identify all of your friends in your photos including those who are not members of Facebook.  It can then link those non-members with other members that may have relationships.  If this happen Facebook will suddenly expands its knowledge of its members through this discovery process.  I am sure this will be a good tool for law enforcement agents and criminals to connect the dots and will have some good use of this information on a massive scale.  We just hope that this data will never be able to be hacked by anyone.  The same applies to the geocode (you GPS location tag) that is embedded in your photo that your may have upload to Facebook.  Good privacy means: Collect no data, do no evil.

Can it then prove the six degrees of separation is really statistically sound?  May be I don't want to know the answer through this way....

Secondly, those individuals that have been uniquely identified may further be exploited by Facebook or others (if they sell the data, since those individuals may not have agreements with Facebook).   What Facebook can do to those identified non-members?   Does the member agreement include those identities?  May be one day police officer will knock on your door and ask you to help release your friend's information, because a few of your photos have included that individual!  Facebook can also scan the web and try to co-relate those individuals' identities with blogs, personal home pages, Linkedin etc.  Those are public data anyway, so they can "face mining" you and everyone!  The privacy issue here is their huge collection of photos, relationships knowledge and its ability to expand it knowledge.  Even though those non-members' identities may be anonymous as a label, but it can be easily to discover its real identity at a later time with external sources - such as LexisNexis? Or FBI?  That makes me wonder what else can we do with it?

Quote form CNN Tech:

"Facebook's more than 500 million users have been automatically included in the database, but the company is allowing each person to choose whether to be identified by toggling a pane in the account's privacy settings.

The tool would still scan that person's face and figure out who it is, but it won't display that information. People can still manually tag friends."

The above shows that Facebook has no option for the member to stop Facebook from using this data, it just gives the member an option not to show the suggestions.  It does not seem they allows their members to remove what has been collected from the members.  What happens to this information that Facebook collected?  I found no trace of how Facebook is going to use those gathered information and who has the ownership of the data.

Thirdly Facebook plans to give its members an opt-out option for this service!  It should be an opt-in option, so that Facebook does not have the ability to abuse their members' rights.  Because most users are not aware of the privacy and risk issues associated with this service.  An Opt-out option, means that Facebook can force most if not all of their members to use this new technology without asking.  Good privacy practices are always asking the user to opt-in before providing service, why not Facebook?  They should send out a message to each member to announce this new facial recognition service and  how it  will use the data, then ask their member to enable (opt-in) this feature.

Fourthly, the data belong to whom?  The photo is mine, the content belongs to me, now what about the relationship information?  What about this newly discovered individuals' relationship between non-connected members?  I think it should belong to their members.  But then I cannot find any statement from Facebook to address this issue.  If you find it, please correct me by sending me a comment here.


The problem of this facial recognition technology with Facebook is its privacy practices.  It seems that enabling this technology quietly to members' private collection (photo albums) has violated everyone's rights and trust.  Since there is no membership/end-user agreement that initially included this type of technology to process member's photos.  I have not found any privacy statement on how Facebook is going to use the technology on members' photos either.

Don't get me wrong,  I do like the facial technology and I have been working in biometrics industry for years and I embrace the technology.  But then their use of this technology has brought out a lot of privacy issues when they are not carefully utilizing it.   Technology itself has no privacy issue.  It's how they using the technology.  I like Goolge's free photo management tool Picasa 3 that includes facial recognition technology, but it only works under my control and does not share my friends' identity with anyone.

Reference News:
http://www.washingtonpost.com/blogs/post-tech/post/privacy-group-urges-investigation-of-facebook-facial-recognition-tool/2011/06/13/AGSUQCTH_blog.html

http://blogs.forbes.com/kashmirhill/2011/06/13/lets-face-facts-about-facial-recognition-technology-inside-and-outside-of-facebook/

http://www.pcworld.com/article/229742/why_facebooks_facial_recognition_is_creepy.html

http://articles.cnn.com/2011-06-07/tech/facebook.facial.recognition_1_facebook-ceo-mark-zuckerberg-facial-recognition-face-recognition?_s=PM:TECH

C++ Interpreters - Part 1: Discovering

I was on a search for C/C++ Interpreters. Why I want an interpreter when I can compile my code for faster speed? The answer is I trying to embedding a script engine insider an application, so that the application can extend its function by execute loadable scripts. C/C++ interpreter may be a good choice to perform such functions. Since, I don't need to learn any new language.  But seem like there are only a limited choice for me.


I have found so far are CINT, Ch and UnderC. Seem only CINT and Ch are an active development.  I previously had tried out Ch with limit success, mostly due to its a paid product without the exact feature I wanted.

Other choice that I can have include JavaScript and Basic. JS seem to be a better choice out there, there are a handful of them around compare to C/C++.  I have previously using SpiderMonkey for few of my projects with good successes.

My requirements are:

1. The interpreter is a linkable library for use it with in an application.
2. Low memory profile
3. The interpreter can utilize the function/methods inside my application.
4. Nice to have the interpreter support in system debugging
5. Support STL library
6. Come with rich libraries support  (not all standard system library may used by interpreter)

The next step is to continue my Part 2 - evaluate and feature compare.