If you’re one of those people who think it’s cute or clever to use ‘password’ as your password, you may be shocked to know that we’ve just added another highly ranked page on the web that openly publishes your crucial piece of identification.
Security firm SplashData recently published this year’s 25 worst passwords, and having seen individual security policies covering all industries, education levels and levels of paranoia, I can safely say that I’ve seen almost all of the entries from the top ten more often than I’d prefer.
- password
- 123456
- 12345678
- qwerty
- abc123
- monkey
- 1234567
- letmein
- trustno1
- dragon
Shockingly, many people in the world use these sequences to lock down their most sensitive login credentials. Thankfully, many of the higher-risk sites enforce a certain level of password complexity, and some even force a password change after a set amount of time, but the fact is that a majority of sites, even ones where sensitive data like credit card information may be stored, enforce few, if any, password best practices.
Here are some tips for developing your own ideal passwords:
- Passwords should always contain a mix of upper and lowercase letters, numbers, and where possible, special characters – This ensures that a determined hacker will have to invest more significant amounts of time attempting to break your password through ‘brute force’ repetition.
- Passwords should never be a dictionary word – Automated processes will focus on dictionary words more readily than invented or random terms and pick these accounts off first.
- Ideally, you shouldn’t use the same password for different accounts – A resilient hacker will undoubtedly try the same credentials at different popular services to maximize their damage.
- Passwords should be changed on a fairly regular basis, perhaps every 3-6 months – In many cases, a hacker will retrieve your credentials, note a successful login and simply archive this information for use in a later deed.
If you follow the above tips, your former darling password of ‘monkey’ could better serve you with the far more secure “mo_nK3y%”, so long as you pick a new animal to secure your accounts every once in a while.
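For sites that want to enforce the first two tips at signup, the check below is an added example, not code from SplashData or from this article. It rejects the ten passwords listed above, rejects dictionary words, and requires the character mix described. The function name `check_password` and the small `SAMPLE_DICTIONARY` are assumptions made for illustration; the reuse and rotation tips depend on information outside a single password and are not covered.

```python
import string

# The ten entries listed on this page, used as a blocklist.
WORST_PASSWORDS = {
    "password", "123456", "12345678", "qwerty", "abc123",
    "monkey", "1234567", "letmein", "trustno1", "dragon",
}

# Constructed stand-in for a real dictionary file (assumption: a deployment
# would load a full word list instead).
SAMPLE_DICTIONARY = {"monkey", "dragon", "sunshine", "football", "welcome"}


def check_password(candidate, dictionary=SAMPLE_DICTIONARY):
    """Return a list of rule violations; an empty list means the password passes."""
    problems = []
    lowered = candidate.lower()  # compare case-insensitively: "Monkey" is still "monkey"

    if lowered in WORST_PASSWORDS:
        problems.append("on the published worst-passwords list")
    if lowered in dictionary:
        problems.append("is a dictionary word")

    # Character-class mix from the first tip.
    classes = {
        "lowercase letter": any(c.islower() for c in candidate),
        "uppercase letter": any(c.isupper() for c in candidate),
        "number": any(c.isdigit() for c in candidate),
        "special character": any(c in string.punctuation for c in candidate),
    }
    for name, present in classes.items():
        if not present:
            problems.append("missing " + name)
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, including the article's own example.
    for pw in ["password", "Monkey", "trustno1", "mo_nK3y%"]:
        issues = check_password(pw)
        print(pw, "->", "OK" if not issues else "; ".join(issues))
```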