Despite Adobe advising users for having strong and complex passwords, they prefer to remain in their comfort zone and create passwords such as '123456' or 'letmein' or even just 'password'.
Users' ignorance became more evident when last month Adobe disclosed that the users's passwords were hacked, along with the source code for products such as Cold Fusion.
Hackers breached Adobe servers and accessed around 130 million passwords. Among these 38 million of them were active users. Later they also published a 9.3-gigabyte file which contained nearly 150 million encrypted passwords.
The password cracker and researcher Jeremi Gosney, along with Stricture Consulting Group downloaded the file and decrypted them. The analysis was centred on six million passwords of the total exposed.
They found that nearly two million of Adobe users has '123456' as their password. They also published a top 100 list in which the second common password was '123456789'. Passwords such as 'iloveyou', 'macromedia', 'abc123', '1234' and 'aaaaaa' also made to the top 20.
Adobe had encrypted the passwords by using a single encryption key for all passwords. Encrypted passwords were stored in Electronic Code Book mode which is clearly a less secure mechanism to store encrypted passwords.
What this means is, if someone comes to know the encryption key, it can access the entire stored passwords.
Though there isn't any official confirmation about the password breach, all accounts affected have been suspended. Once the passwords are changed, they can be active again.