SplashData, an app provider that helps consumers and businesses manage passwords and security, has created rankings on the most common internet passwords. The list is based on millions of stolen passwords posted online by hackers.
While a lot of the entries on the list are at first quite amusing, it’s worrying to see how common some of the “less obvious” passwords are. Before seeing this list, using “letmein” might have seemed like a cunning ploy…
It only takes a moment, so there’s no reason not to keep yourself protected. Here are some password does and don’t to help you stay safe online.
- Use cardinal numbers in order, i.e. ’123456? is not clever.
- Base a password on personal data, e.g. dog’s name, car registration, your name. Never use your mother’s maiden name or any password that your bank might use.
- Choose a word found in a dictionary in any language – password dictionaries make these particularly easy to crack in a ‘dictionary attack’.
- Use simple transformation or substitution, e.g. Pa$$w0rd.
- Use fewer than 8 characters and solely alpha- or numeric characters.
- Tick the ‘remember this password’ box.
- Use a mixture of four keyboard character types – lower case letters, upper case letters, numbers and other special characters such as #, $, -, +, @, ! etc. Unfortunately, some older systems restrict the special characters your can use.
- Use long passwords of 8 characters or more – the longer the password, the harder it is for hackers to use brute force attacks. However, some older systems don’t allow this and have limits of 8 or 14 characters.
- Use different passwords of different accounts and change them at least twice per year.
- Always change default passwords from ‘password’ or ‘admin’.
- Think illogically; computers rely on logic to operate.
- Be obtuse, think outside the box, invent new words!