Why you should think twice about using that password


GMT Solutions: Password SecurityThe most commonly used passwords of 2016 have been released, and I can’t say I’m surprised.  We get multiple password queries every week, and with so much of our lives online, you can end up with a LOT of passwords to remember.  It looks like that’s just too hard for many people, with “123456” topping the list as 2016’s most commonly used password.  “123456789” is next in line, and perhaps most dishearteningly, “password” is still on the list!

The study took passwords that had been extracted from data breaches, and found that the list of the top 25 made up over half of the 10 million passwords studied.  Many websites try to encourage more secure combinations, by making the use of upper and lower cases, numbers and special characters compulsory, but some of the more random looking combinations are easy to work out by looking at your keyboard.  “qwerty” features on the list at number 3, and “1q2w3e4r” at number 17- not too hard to figure out how they came up with that one.

This list shows that campaigns to raise awareness of online security just aren’t working – the UK Government recently spent £12 million on a cyber security awareness campaign, including a website that was only visited by about 1.9 million people, which works out at over £6 per visitor!

What can I do to improve my passwords?

Most importantly, don’t use any from this list!! But here are four additional tips you can use to avoid having your passwords compromised:

  1. Don’t use personal information – your spouse or children’s names, pet names, favourite team or other easily guessable facts about you
  2. Don’t use dictionary words – many password crackers are just dictionary files, which check against each word in turn.  Passwords which have letters replaced with numbers (e.g. p4ssw0rd) can also be cracked using this method, as that’s only a small number of combinations to add to the dictionary.
  3. Use a mixture of characters – upper case, lower case, numbers and punctuation – and use at least 8 characters total.
  4. Abbreviating or rewriting a sentence so that only you would understand or remember it, can often be a random looking, but memorable password.  For example, “I love reading fiction” could become “!luvR34dingFic” – comprehensible to you but a fairly random string of characters.

If you struggle to remember all the passwords that you need, and often end up using the same ones over and over again, you might benefit from a password keeping tool – there are various ones available for both computers and mobile devices, and this is something we can advise you on and help to set up if necessary.

To see the full list of the top 25 most common passwords of 2016, click here.  To book an online security awareness session, please fill in our contact form, or give us a call.