I am currently cracking the leaked password file just for fun and because I am curious.
Guess what?
1) Hundreds of accounts with
their usernames as passwords.
2) Hundreds of accounts with the password "
123456"
3) Hundreds of accounts with the password "
testtest"
4) Hundreds of accounts with the password "
bitcoin"
Are you guys STUPID?
TO THE THOUSANDS OF USERS WHO ARE THIS DUMB:
YOU DESERVE TO LOSE YOUR BITCOINS, IDIOTS.
This is the MAJOR problem of password mechanism. Users aren't able or too lazy to remember something more complex. Even if you force them using something complex, they will bypass this security measure by writing it down into a .txt or a paper on their desktop. Got a good conf at hackfest 2010 talking about weakness of password mechanism. Cause if you check that the password strenght is only measured by the brain.
How a brain can remember a password, for a lot of people if you're able to remember a 9 char password with letter / numbers / only one special caracter the most recent hardware and technics including GPU cracking won't ever be able to crack your brain.
We need to educate people in order to have good security but this is impossible to educate everyone.
Passwords, encrypted or not are really not a good authentification mecanism.