Friday, 31 January 2014

Avoid these 25 passwords if your data is precious


By 

Many people make the mistake of using the same password for multiple accounts, including banking logins, social media profiles and e-shopping credentials. However, when that password is also ridiculously easy to guess, well that may unleash a data disaster.

Each year, SplashData releases its Top 25 list of most common passwords, also known as the “Worst Passwords of the Year”. This year’s compilation features a “great” victory, as ‘123456’ has finally claimed the #1 spot and forced ‘password’ to take the silver medal.

SplashData's "Worst Passwords of 2013":

Rank
Password
Change from 2012
1
123456
Up 1
2
password
Down 1
3
12345678
Unchanged
4
qwerty
Up 1
5
abc123
Down 1
6
123456789
New
7
111111
Up 2
8
1234567
Up 5
9
iloveyou
Up 2
10
adobe123
New
11
123123
Up 5
12
admin
New
13
1234567890
New
14
letmein
Down 7
15
photoshop
New
16
1234
New
17
monkey
Down 11
18
shadow
Unchanged
19
sunshine
Down 5
20
12345
New
21
password1
Up 4
22
princess
New
23
azerty
New
24
trustno1
Down 12
25
000000
New

According to SplashData, this year's list was influenced by the large number of passwords from Adobe users posted online by security consulting firm Stricture Consulting Group following Adobe's well publicized security breach. The company advises consumers or businesses using any of the passwords on the list to change them immediately.

Suggestions how to make your passwords more secure:

Use passwords of eight characters or more with mixed types of characters. However, even passwords with common substitutions like "3xc3ll3nt" can be vulnerable to attackers' increasingly sophisticated technology, and random combinations like "gr%7Jr5$" can be difficult to remember. One way to create more secure passwords that are easy to recall is to use passphrases - short words with spaces or other characters separating them. It's best to use random words rather than common phrases. For example, "cats cheese balloon" or "music_darkness_boom?"

As highlighted earlier, avoid using the same credentials for multiple websites. It’s very risky to use the same password for social networking or financial service sites. Use different passwords for each new website or service you sign up for.

Watch the following video for PCMag's take on the worst passwords for 2013 - starts at 3:53.  



About the Author:       
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry.