'Random' password 'ji32k7au4a83' used in 141 data breaches
In another language, it's not so random, or secure...
The password 'ji32k7au4a83' may look like a completely random set of numbers and letters, but that exact password has appeared in 141 data breaches.
The data breaches were catalogued by website Have I been Pwned, but the number due to the apparently random password was spotted by Gizmodo, which asked the obvious question: why were so many people using the same jumble of letters and numbers as a password?
Taking up this mystery, a hardware and software engineer from Berkeley called Robert Ou, challenged his Twitter followers to find the answer.
"Fun thing I learned today regarding secure passwords: the password 'ji32k7au4a83' looks like it'd be decently secure, right? But if you check e.g HIBP, it's been seen over a hundred times. Challenge: explain why and how this happened and how this password might be guessed," he tweeted.
The tweet proved quite popular as many took up the challenge and it wasn't long before an answer was found. Taiwanese internet users decoded the answer, noting that on a Taiwanese keyboard with the Zhuyin Fuhao layout, the random assortment of numbers and letters spells out , or "w de mm," which in Mandarin, translates to "my password".
Zhuyin Fuhao layout - courtesy of Apple
On a Zhuyin Fuhao layout, typing the letter J and I will add to two add two of the symbols ( + ), which are displayed in the top right of the keys, but pronounced as u and o. From there the tone of the character has to be typed out, hence the 3. Simply put, Ji3 translates to "me" in English, but it's switched to "my" after you add "2k7," the next three characters in the password.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
There is a slightly different system used by mainland China, which suggests that people using "ji32k7au4a83" are mainly from Taiwan and while that password has shown up in 141 data breaches, "au4a83" (password) has shown up 1,495 times.
"Password" came second in SplashData's 2018 annual poll of the worst passwords, with "123456" coming out on top. Despite living in a world of biometric security, the traditional password hasn't been completely ditched and worse, terribly simple ones are still widely used no matter the language.
Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.
Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.