Weak Passwords
Name: Weak Passwords Description: Which password is insecure? 1. Winter-Blitz-2024! 2. password123 3. hugging-apples-stepping 4. Y0l4nder@RSA-C Type: General Skills Challenge from: RSAC picoCTF 2025 Hints: 1. The password is a common one.
Theory
According to the description, to beat the challenge we just need to select an option. This seems simple, let's go through the options, the first one has various words with characters both uppercase and lowercase, numbers, and even a special character, that seems pretty safe, although let's see the next one. The second option doesn't seem really secure, even though it has a lot of characters and three numbers, it's a really easy guess, the password is just password and the first three numbers, so this might be the weakest of them all, let's see the other two. Third option seems a little unsafe because it just uses lowercase letters and dashes, but because of the length and random words, it actually isn't that bad, but let's check out the last option just in case. The fourth one is probably the most secure of these, not only it uses uppercase and lowercase letters, numbers and special characters, but it's a word that I think doesn't even exist, where a couple of letters are replaced with their number counterparts and uses a dash and at symbols around, making it the most secure of them even though it's not even that long. So, the answer seems pretty obvious, the second option having the most common word for a password and the first three numbers will be the worst password of these, so let's select that option and see if we're right about that.
Solution
So, if we check that the second option is the weakest of these as already explained in the theory, we get this:
SELECTED: 2. password123 Correct!
There we go! That's the correct option.
Next Level Guide: Basic Authentication
https://rsac.picoctf.org/level/1/15