History Main / ThePasswordIsAlwaysSwordfish

24th May '17 12:15:43 PM ChaoticNovelist
Is there an issue? Send a Message


* An episode of ''Series/MurderSheWrote'' featured a deceased computer tycoon who set his PC's password to "OPENDOOR", on the arrogant assumption that nobody would expect him to use something so obvious. The protagonists stumble upon it through a sudden flash of insight.

to:

* An episode of ''Series/MurderSheWrote'' featured a deceased computer tycoon who set his PC's password to "OPENDOOR", on the arrogant assumption that nobody would expect him to use something so obvious. The protagonists cast stumble upon it through a sudden flash of insight.



* Played with in the ''TabletopGame/{{Warhammer 40000}}'' novel ''[[Literature/IronWarriors Storm of Iron]]'' in which the "sacred chant of activation" used by the Tech Marines to launch a large missile (melta torpedo) is correctly guessed in frustration by one of the protagonists when he exclaims, "God damn it! Fire you worthless piece of fucking shit! FIRE!"

to:

* Played with in the ''TabletopGame/{{Warhammer 40000}}'' novel ''[[Literature/IronWarriors Storm of Iron]]'' in which the "sacred chant of activation" used by the Tech Marines to launch a large missile (melta torpedo) is correctly guessed in frustration by one of the protagonists characters when he exclaims, "God damn it! Fire you worthless piece of fucking shit! FIRE!"



* When an exceptionally good hacker begins messing with the game ''[[VideoGame/WorldOfWarcraft Bog of Bloodbath]]'', while the characters of ''Webcomic/GeneralProtectionFault'' are in a DeepImmersionGaming session, Nick desperately tries to un-hack it for fear YourMindMakesItReal only to discover that the "uber-hacker's" password was, in Nick's words, "obscenely obvious." [[spoiler:It was the name of the alter-ego he was using to fight the protagonists with.]]

to:

* ''Webcomic/GeneralProtectionFault'': When an exceptionally good hacker begins messing with the game ''[[VideoGame/WorldOfWarcraft Bog of Bloodbath]]'', while the characters of ''Webcomic/GeneralProtectionFault'' are in a DeepImmersionGaming session, Nick desperately tries to un-hack it for fear YourMindMakesItReal only to discover that the "uber-hacker's" password was, in Nick's words, "obscenely obvious." [[spoiler:It was the name of the alter-ego he was using to fight the protagonists heroes with.]]
24th May '17 12:13:20 PM ChaoticNovelist
Is there an issue? Send a Message


** The password that stops the deadly virus from destroying US intelligence firewalls and opening their secrets to the public is [[spoiler:3, the number]]. That's it. The villain even [[ThisIsYourBrainOnEvil leaves a clue to the password in the coding for the virus program]] for no clearly defined reason: [[spoiler:"What is the prime difference between the elements responsible for Hiroshima and Nagasaki?"]] A team of NASA scientists have to go through a whole scene of completely missing the point of the clue to make it seem more clever.

to:

** The password that stops the deadly virus from destroying US intelligence firewalls and opening their secrets to the public is [[spoiler:3, the number]]. That's it. The villain even [[ThisIsYourBrainOnEvil leaves a clue to the password in the coding for the virus program]] for no clearly defined reason: [[spoiler:"What is the prime difference between the elements responsible for Hiroshima and Nagasaki?"]] A team of NASA scientists have to go through a whole scene of completely missing the point incorrect guesswork of the clue to make it seem more clever.



** And in the Discworld novel ''Discworld/GuardsGuards'', the doorkeeper for a secret society trades complicated pass-phrases with a new arrival, only to discover the newcomer is looking for a different secret gathering when ''the sixth phrase'' fails to match. (Apparently there are a LOT of secret societies in Ankh-Morpork.)

to:

** And in In the Discworld novel ''Discworld/GuardsGuards'', the doorkeeper for a secret society trades complicated pass-phrases with a new arrival, only to discover the newcomer is looking for a different secret gathering when ''the sixth phrase'' fails to match. (Apparently there are a LOT of secret societies in Ankh-Morpork.)



** The Slytherin password at one point in ''Chamber of Secrets'' is "pure blood".
** The Chamber of Secrets itself is opened by simply telling it to open in Parseltongue. Seems justified in that almost all wizards who were not descendants of Salazar Slytherin cannot speak the language, but Ron manages to brute force it in ''Literature/HarryPotterAndTheDeathlyHallows'' by repeatedly trying gibberish that sounds like Parseltongue. It helps that Ron was in Harry's presence both times Harry used the Parseltongue command "Open", so he had some idea of how it sounded.

to:

** The Slytherin password at one point in ''Chamber of Secrets'' is "pure blood".
blood". Note that the Slytherins are infamous for FantasticRacism and obsess over the stuff.
** The Chamber of Secrets itself is opened by simply telling it to open in Parseltongue. Seems justified in that almost all most wizards who were not descendants of Salazar Slytherin cannot speak the language, but Ron manages to brute force it in ''Literature/HarryPotterAndTheDeathlyHallows'' by repeatedly trying gibberish that sounds like Parseltongue. It helps that Ron was in Harry's presence both times Harry used the Parseltongue command "Open", so he had some idea of how it sounded.



** An example more demonstrative of the trope, although still not exactly straight, is also in ''The Opal Deception'', when Artemis's password for an encrypted disc is the family motto, ''Aurum est potestas''. However, here he ''wanted'' Butler to guess the password, and it is arguably a password that you could only guess if you knew Artemis well.

to:

** An example more demonstrative of the trope, although still not exactly straight, is also Also in ''The Opal Deception'', when Artemis's password for an encrypted disc is the family motto, ''Aurum est potestas''. However, here he ''wanted'' Butler to guess the password, and it is arguably a password that you could only guess if you knew Artemis well.password.



* No specific examples of easy-to-crack passwords show up, but ''Literature/TrueNames'' displays a contrast in "conventional" online security (passcodes, tokens, dedicated terminals) and what the hacker underground uses ''instead'' of it. Getting into their online community center requires first navigating a changing cyberspace landscape with also changing challenges and responses hidden in subtle interactions with the environment (so that a single complete decrypted session log won't make it clear how to follow you, and using an intrinsically obfuscated UI to hide what the challenges ''were''), followed by interacting with a regularly updated AI guardian who tests your current mental awareness and coding style under real-time pressure while interrogating you about yourself, people you should know and events you've attended there, both to check for others using your equipment plus stupidly made notes ''plus'' interrogation results and give you chances to give a CovertDistressCode.

to:

* No specific examples of easy-to-crack passwords show up, but ''Literature/TrueNames'' displays a contrast in "conventional" online security (passcodes, tokens, dedicated terminals) and what the hacker underground uses ''instead'' of it. Getting into their online community center requires first navigating a changing cyberspace landscape with also changing challenges and responses hidden in subtle interactions with the environment (so that a single complete decrypted session log won't make it clear how to follow you, and using an intrinsically obfuscated UI to hide what the challenges ''were''), followed by interacting with a regularly updated AI guardian who tests your current mental awareness and coding style under real-time pressure while interrogating you about yourself, people you should know and events you've attended there, both to check for others using your equipment plus stupidly made notes ''plus'' interrogation results and give you chances to give a CovertDistressCode.CovertDistressCode.
*''Literature/JourneyToChaos'': Dengel guarded the final door to his final lair with a password that had to be entered with {{mana}}. It is the only secret that he ''didn't'' tell Eric, but he made it so plainly obvious that Eric could guess, [[spoiler: D-E-N-G-E-L]].
21st May '17 2:59:00 PM nombretomado
Is there an issue? Send a Message


** While trying to hack into Frank's encrypted hard drive, Charlie thinks she found the password in the remarkably simple "WarGames" when this yields results. Then Frank's hard drive opens a program revealing that it's a false lead and taunts her.

to:

** While trying to hack into Frank's encrypted hard drive, Charlie thinks she found the password in the remarkably simple "WarGames" "Film/WarGames" when this yields results. Then Frank's hard drive opens a program revealing that it's a false lead and taunts her.
17th May '17 1:42:21 PM dracogeorge
Is there an issue? Send a Message



to:

* ''Wiki/SCPFoundation'': One item on the [[http://www.scp-wiki.net/log-of-anomalous-items Log of Anomalous Items]] is a 129-character string that can be entered into the password field to log into any account. Unless the password for the account is "password".
13th May '17 1:24:07 PM nombretomado
Is there an issue? Send a Message


** In the episode, "[[Recap/SherlockS02E02TheHoundsOfBaskerville The Hounds of Baskerville,]]" Sherlock corrects guesses a Major's password to some top-secret CIA information as "{{Ma|rgaretThatcher}}ggie", on the first try.

to:

** In the episode, "[[Recap/SherlockS02E02TheHoundsOfBaskerville The Hounds of Baskerville,]]" Sherlock corrects guesses a Major's password to some top-secret CIA information as "{{Ma|rgaretThatcher}}ggie", "UsefulNotes/{{Ma|rgaretThatcher}}ggie", on the first try.
10th May '17 9:26:03 AM Psyclone
Is there an issue? Send a Message


** In ''VideoGame/DeusExHumanRevolution'' [[spoiler:the ([[GuideDangIt otherwise unattainable]]) code to the bomb in "Smash The State" is "0000". Inputting the code will get you the achievement "Lucky Guess" which has the description "Next time [[TooDumbToLive Jacob]] [[LampshadeHanging should use a more complex code to arm his bombs."]]]]

to:

** In ''VideoGame/DeusExHumanRevolution'' [[spoiler:the the ([[GuideDangIt otherwise unattainable]]) code to the bomb in "Smash The State" is "0000". Inputting the code will get you the achievement "Lucky Guess" which has the description "Next time [[TooDumbToLive Jacob]] [[LampshadeHanging should use a more complex code to arm his bombs."]]]]"]]
9th May '17 3:59:03 AM Cryoclaste
Is there an issue? Send a Message


* Neopets.com has banned the following passwords: password, neopets, pokemon, neopet, username. Four of them are obvious, and apparently {{Pokemon}} is just that popular.

to:

* Neopets.com has banned the following passwords: password, neopets, pokemon, neopet, username. Four of them are obvious, and apparently {{Pokemon}} Franchise/{{Pokemon}} is just that popular.
7th May '17 1:54:01 AM foxley
Is there an issue? Send a Message

Added DiffLines:

* ''Series/{{Motive}}'': In "Crimes of Passion", a mayoral candidate has his laptop password as "I've got your back": which was his campaign slogan and prominently displayed on a poster in his study.
5th May '17 4:34:58 AM AnotherDuck
Is there an issue? Send a Message


* The PAL (Permissive Action Links) arming mechanisms on USAF bombs were given the ultra-secure code of 0000000 until the late '70s (see below). None were ever accidentally armed. That one was intentional as they had so many other layers of security in place they decided the arming code was superfluous and essentially disabled it.
** Specifically, the PAL codes ''for [=ICBMs=]'' were always blank. Since these were huge missiles housed in dedicated silos out in the middle of nowhere, with a TwoKeyedLock and numerous site safety features (read: trespassers will be shot), it's easy to see why they thought a password would be redundant. Tactical and other portable weapon systems had and used actual codes.

to:

* The PAL (Permissive Action Links) arming mechanisms on USAF bombs were given the ultra-secure code of 0000000 until the late '70s (see below). None were ever accidentally armed. That one was intentional as they had so many other layers of security in place they decided the arming code was superfluous and essentially disabled it.
**
it. Specifically, the PAL codes ''for [=ICBMs=]'' were always blank. Since these were huge missiles housed in dedicated silos out in the middle of nowhere, with a TwoKeyedLock and numerous site safety features (read: trespassers will be shot), it's easy to see why they thought a password would be redundant. Tactical and other portable weapon systems had and used actual codes.



* People who forgot to rename or password-secure their wireless networks invariably provide free bandwidth to the world. You'd be amazed the number of places where you can pick up at least ''some'' kind of signal from a network named simply "linksys."



* Italy has several providers who still, to this day, have this problem: Fastweb is the prime culprit as ''all'' their routers come pre-set to a [=WiFi=] SSID containing numbers that'll give you the default password when copypasted in several available decrypting programs. They tried solving the problem by using another algorithm and different routers; needless to say, that too got cracked in short order. Nowadays they seem to no longer care at all. Telecom and Tele2 have several routers with this problem too, though theirs aren't quite that widespread.
** With routers, and other similar devices, this is deliberate -- that way if something goes wrong, the hapless field service tech sent 'round to the house knows how to reset it to default and access the account. Users are usually told to change the settings during or right after installation... but they usually don't.
* A "Wired" [[http://www.wired.com/threatlevel/2009/10/10000-passwords/ article]] noted that 123456 is the most common Hotmail password. A news article revealed the same for a music-downloading site after a security leak showed passwords for hundreds of thousands of subscribers. The top 50 passwords, which naturally included "123456," "password," and "qwerty," were used for more than half of the exposed accounts, with 123456 accounting for roughly 10% of them all by itself.
* Many people are just too lazy or just simply have no idea on how to change the key combination of their padlock and briefcase locks. Thus, the most common of such combination is 000.
* When editing router settings, some people think it is funny to make the network name some kind of reference or joke- some people even make the password something that fits in with the reference/joke, which makes it endlessly easier to guess.
* Many retail outlets seem to have passwords and lock combinations that, to those familiar with the store, are glaringly obvious. This includes passwords like "SELL," "WIN," or the store's in-company number.
* Some combination padlocks come with the combination on a sticker on the back. As many middle and high school students know, forgetting to take this sticker off before using it is a sure-fire way to get your lock, and anything valuable that it's protecting, stolen.
* If you're at a business (especially restaurants) that has a wireless network, but is password protected, try the business's phone number.
* When Internet sites spring login/password leaks that inevitably make it to the usual channels as convenient lists, an alarming number of the passwords contained tend to be simply the word "password" in different languages. That, or sequences of sequential numbers. In inverted order, should the user feel particularly crafty.
* Many computers in small (or even in big ones) school and/or offices, the Admin password are usually the name of the place or the name of the person in charge.

to:

* Italy has several providers who still, to this day, have this problem: Fastweb is the prime culprit as ''all'' their routers come pre-set to a [=WiFi=] SSID containing numbers that'll give you the default password when copypasted in several available decrypting programs. They tried solving the problem by using another algorithm and different routers; needless to say, that too got cracked in short order. Nowadays they seem to no longer care at all. Telecom and Tele2 have several routers with this problem too, though theirs aren't quite that widespread.
**
widespread. With routers, and other similar devices, this is deliberate -- that way if something goes wrong, the hapless field service tech sent 'round to the house knows how to reset it to default and access the account. Users are usually told to change the settings during or right after installation... but they usually don't.
* A "Wired" [[http://www.wired.com/threatlevel/2009/10/10000-passwords/ article]] noted that 123456 is the most common Hotmail password. A news article revealed the same for a music-downloading site after a security leak showed passwords for hundreds of thousands of subscribers. The top 50 passwords, which naturally included "123456," "password," and "qwerty," were used for more than half of the exposed accounts, with 123456 accounting for roughly 10% of them all by itself.
* Many people are just too lazy or just simply have no idea on how to change the key combination of their padlock and briefcase locks. Thus, the most common of such combination is 000.
* When editing router settings, some people think it is funny to make the network name some kind of reference or joke- some people even make the password something that fits in with the reference/joke, which makes it endlessly easier to guess.
* Many retail outlets seem to have passwords and lock combinations that, to those familiar with the store, are glaringly obvious. This includes passwords like "SELL," "WIN," or the store's in-company number.
* Some combination padlocks come with the combination on a sticker on the back. As many middle and high school students know, forgetting to take this sticker off before using it is a sure-fire way to get your lock, and anything valuable that it's protecting, stolen.
* If you're at a business (especially restaurants) that has a wireless network, but is password protected, try the business's phone number.
* When Internet sites spring login/password leaks that inevitably make it to the usual channels as convenient lists, an alarming number of the passwords contained tend to be simply the word "password" in different languages. That, or sequences of sequential numbers. In inverted order, should the user feel particularly crafty.
* Many computers in small (or even in big ones) school and/or offices, the Admin password are usually the name of the place or the name of the person in charge.
don't.



* Some people do actually hack computers and then change the password to swordfish just for fun.
* [[http://splashdata.com/splashid/worst-passwords/ Here's]] a list of such passwords that would qualify including qwerty, dragon, and qazwsx.
* [[http://gizmodo.com/5861667/the-25-most-popular-passwords-of-2011 The list of 2011's top 25 passwords]] includes such gems as: password, 123456, 12345678, 111111, 123123, 654321... well, you get the point. Surprisingly, swordfish and the "classic" passwords from ''{{Hackers}}'' don't make the list.



* Similarly, Windows XP has a hidden Administrator account with no default password. Most people don't even know it ''exists'', let alone bother to deactivate or password lock it. It can be accessed as easily as turning the computer on in Safe Mode, choosing Administrator, and entering no password, giving you free rein over 90% of XP computers out there.



* An even more obvious one, courtesy of many parents: the name of their children plus their date of birth. If that doesn't work, remove one or the other, or the first two digits of the child's year of birth. You're ''very'' likely to get access.
* Password "security questions" are used to confirm the user's identity should they forget their password and need to reset it. However, far too often the user is only allowed to choose questions from a list of premade questions that consist of information that can easily be gathered through social engineering or even just gleaning the user's public profiles (e.g. on social media and personal blogs), such as "What's your mother's maiden name?" and "What city were you born in?" And no, [[StupidityIsTheOnlyOption you usually cannot proceed with account creation without choosing a question and writing an answer]], though some users TakeAThirdOption and make the answer a secondary password of sorts that has nothing to do with the question chosen.
5th May '17 12:22:44 AM darkemyst
Is there an issue? Send a Message


* ''ComicBook/{{Robin}}'' III, in ''Robin Annual #1'' (noteworthy for actually predating the first issue of [[ComicBook/RobinSeries his ongoing series]] by several months), broke into ComicBook/{{Anarky}}'s home and tried to crack into his computer. After trying every prominent anarchist he could think of, he looks at the screen, which instructs him to "enter passcode." He does, and it works.

to:

* ''ComicBook/{{Robin}}'' III, in In ''Robin Annual #1'' (noteworthy for actually predating the first issue of [[ComicBook/RobinSeries his ongoing series]] by several months), [[ComicBook/RobinSeries Robin III]] broke into ComicBook/{{Anarky}}'s home and tried to crack into his computer. After trying every prominent anarchist he could think of, he looks at the screen, which instructs him to "enter passcode." He does, and it works.
This list shows the last 10 events of 396. Show all.
http://tvtropes.org/pmwiki/article_history.php?article=Main.ThePasswordIsAlwaysSwordfish