25 Poor Passwords

Poor Passwords - @SeniorDBA

According to internet security software firm SplashData, if you are using any of the passwords listed you should change them immediately. While a simple password might be easier for you to remember, it is also easier for hackers to guess. The SplashData study said:

We call them the “worst passwords” because when it comes to password security, using a popular password is a very bad thing. Since the most popular passwords are so common, these popular passwords would be among the very first tried by any hacker or malicious “cracking” program. When you choose a password, you want something unique, complex, and unusual, and you want to make sure you use different passwords for different sites.

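| Rank | Password | Change from 2013 |
|------|----------|------------------|
| 1 | 123456 | No Change |
| 2 | password | No Change |
| 3 | 12345 | Up 17 |
| 4 | 12345678 | Down 1 |
| 5 | qwerty | Down 1 |
| 6 | 123456789 | No Change |
| 7 | 1234 | Up 9 |
| 8 | baseball | New |
| 9 | dragon | New |
| 10 | football | New |
| 11 | 1234567 | Down 4 |
| 12 | monkey | Up 5 |
| 13 | letmein | Up 1 |
| 14 | abc123 | Down 9 |
| 15 | 111111 | Down 8 |
| 16 | mustang | New |
| 17 | access | New |
| 18 | shadow | Unchanged |
| 19 | master | New |
| 20 | michael | New |
| 21 | superman | New |
| 22 | 696969 | New |
| 23 | 123123 | Down 12 |
| 24 | batman | New |
| 25 | trustno1 | Down 1 |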

What are you supposed to do to make a breach of your accounts more difficult?

  1. Use the entire keyboard – Include symbols, uppercase letters, lowercase letters, and numbers in your password. If allowed, include a character from each of those four categories.
  2. Make passwords longer – Passwords should be a minimum of 8 characters long, but longer passwords are generally better than shorter passwords.
  3. Avoid Dictionary Words – Hacker tools generally look for words you find in a dictionary, along with common passwords, when guessing your password. If you avoid words or combinations of words (in multiple languages), it won’t be as easy for hackers to crack your password.
  4. Best Practice – Your password should not contain your name, username, publicly available data (birthday, telephone number, house or apartment number, etc.), or your company name.
  5. Avoid Repeats – Your password should always be significantly different from any old passwords. This includes not simply adding a number to the end of the last password (“password1” is just as bad as “password”).
  6. Don’t duplicate passwords – Never use the same password on different accounts. The most common example: don’t use the same password on your Twitter and Google accounts. If one account is compromised, the hacker will try the same password on your other accounts, so don’t make it easy to gain access to all your accounts. This is also essential for people who have more than one business account. If you have one account for normal use and another account for “admin” use, never use the same password for both accounts.
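
The list and rules above can be enforced when a password is set or changed. The following Python check is an added example, not code from the original post or from SplashData; the name `check_password` and its parameters are assumptions, and it covers the table plus rules 1, 2, 4 and 5 only (rule 3 would need a dictionary word list, and rule 6 cannot be checked from a single account).

```python
import re

# The 25 passwords from the table above, as listed on this page.
WORST = {
    "123456", "password", "12345", "12345678", "qwerty", "123456789", "1234",
    "baseball", "dragon", "football", "1234567", "monkey", "letmein", "abc123",
    "111111", "mustang", "access", "shadow", "master", "michael", "superman",
    "696969", "123123", "batman", "trustno1",
}

def _stem(password):
    """Lowercase and drop trailing digits/symbols, so 'Password1!' -> 'password'."""
    return re.sub(r"[\W\d_]+$", "", password.lower())

def check_password(candidate, username="", old_passwords=()):
    """Return a list of rule violations; an empty list means the candidate passes."""
    problems = []
    lowered = candidate.lower()
    stem = _stem(candidate)
    # Table: reject listed passwords and the "add a number to the end" variants.
    if lowered in WORST or stem in WORST:
        problems.append("common password")
    # Rule 2: minimum of 8 characters.
    if len(candidate) < 8:
        problems.append("shorter than 8 characters")
    # Rule 1: lowercase, uppercase, number and symbol must all be present.
    categories = [r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"]
    if not all(re.search(pattern, candidate) for pattern in categories):
        problems.append("missing a character category")
    # Rule 4: the username must not appear inside the password.
    if username and username.lower() in lowered:
        problems.append("contains username")
    # Rule 5: same stem as an old password means only the suffix changed.
    if stem and any(stem == _stem(old) for old in old_passwords):
        problems.append("variation of an old password")
    return problems
```
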

I’ve written about passwords before, including how to select a good password.
