Does your go-to phrase make the list of the world’s worst passwords?
2016 was the year of the hacker, with high-profile data breaches (think presidential campaigns, large webmail providers and the like) causing businesses and individuals to renew their focus on online security. But if you’re still entering ‘123456’ in the password field, you’re making the job of cyber-criminals far too easy.
Security appliance firm SplashData analysed 2 million leaked passwords and identified the top 25 worst passwords (and password components) that could be easily guessed by hackers. Repeat offenders that appear on this list every year are “123456” and “password”.
You may be surprised to find one of your regular password phrases on the list of problematic passwords…
- 123456
- password
- 12345678
- qwerty
- 12345
- 123456789
- football
- 1234
- 1234567
- baseball
- welcome
- 1234567890
- abc123
- 111111
- 1qaz2wsx (first two columns of main keys on a standard keyboard)
- dragon
- master
- monkey
- letmein
- login
- princess
- qwertyuiop (top row of keys on a standard keyboard)
- solo
- passw0rd
- starwars
Another study by researchers at IT training provider CBT Nuggets examined leaked emails and passwords (50,000 of them), looking at the affected users’ ages, names, gender and locations.
The words that occurred most commonly in the pool of compromised combinations included “angel”, “star”, “girl” and “love”; followed by “hell”, “miss” and “rock”. And if you’re a male named Dave, John, Mike or Chris aged 25-34, you’re four times more likely to be hacked!
Password dos and don’ts
- Needless to say, don’t use any of the words on the list above
- Don’t reuse your passwords. One account = one password
- Change passwords on a regular basis
- Create a password that is easy enough to remember (so you don’t have to write it down), but complex enough so that no-one else will guess it. One way of doing this is to string together random words and numbers
- Try substituting letters with symbols or numbers that you will remember. For example, $=s; 3=e; 1=i etc.
- Or use an online tool to randomly generate a secure password
- Use a password manager (such as LastPass) to store and manage your passwords – this means you only need to remember one
What does a strong password consist of?
- 12+ characters
- Mixed character types
- Check your password for complexity using an online password checker
- No pop culture and sport references
- No full names and words – any commonly known word or name puts you at risk
When in doubt about your IT security, reach out to the experts at Conosco, who can help ensure that your IT network is resilient, secure, and protected 24/7.
