For many online services, the only thing keeping your personal data safe from hackers is a password. If a hacker can get hold of that password, they immediately gain access to the account.
Your choice of password is absolutely vital
Your choice of password is absolutely vital, which is why most services force you to use a combination of letters and numbers to make it harder to guess. Despite this, many people continue to choose the same, easily-guessed passwords year after year.
Every year mobile app developer SplashData publishes a list of the 25 most common passwords worldwide. Not only are these passwords extremely simple to hack using automated cracking tools, but the fact they are so popular means that cybercriminals will try this list first.
The top 5 passwords
According to SplashData the top 5 passwords are:
- 123456
- password
- 12345
- 12345678
- qwerty
If any of these passwords look familiar, you could be in trouble.
Most people choose passwords that are very easy to remember
Most people choose these passwords because they are very easy to remember, and only take a second to type in. The fact that they are all letters or numbers, and all in lower case, means that they require the minimum number of keypresses to enter – perfect for the small keyboards on smartphones.
Ignoring password best practice
When you first set up a new account online, you will be encouraged to choose a memorable word or phrase – preferably one that contains upper and lower case letters and numbers to make it harder to guess. But as we discussed on the Panda Security blog previously, these measures are not enough to fully protect yourself.
To increase security, upper and lower case letters need to be used in the middle of the password. Passwords should also include special characters, like !?*(), making them almost impossible to guess. Not unbreakable, but certainly much more difficult.
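A signup-time check that applies these rules, as an added example (not code from the original post): it rejects the five passwords listed on this page, including variants with digits or symbols appended, and requires mixed case in the middle, a number and a special character. The 12-character minimum, the function name `check_password` and the sample passwords are assumptions made for the illustration.

```python
import string

# The five most common passwords listed on this page (SplashData's top 5).
COMMON_PASSWORDS = {"123456", "password", "12345", "12345678", "qwerty"}
SPECIAL_CHARS = "!?*()"   # the special characters named on this page
MIN_LENGTH = 12           # assumed threshold; the page gives no number


def check_password(candidate):
    """Return the reasons a candidate is rejected; an empty list means accepted."""
    problems = []
    lowered = candidate.lower()
    # Strip trailing digits and symbols so "Password1!" still matches "password".
    base = lowered.rstrip(string.digits + SPECIAL_CHARS)
    if lowered in COMMON_PASSWORDS or base in COMMON_PASSWORDS:
        problems.append("based on a common password")
    if len(candidate) < MIN_LENGTH:
        problems.append("too short")
    # The middle excludes the first and last character, so a capital only
    # at the start ("Password1!") does not count as mixed case.
    middle = candidate[1:-1]
    has_upper = any(c.isupper() for c in middle)
    has_lower = any(c.islower() for c in middle)
    if not (has_upper and has_lower):
        problems.append("no mixed case in the middle")
    if not any(c.isdigit() for c in candidate):
        problems.append("no number")
    if not any(c in SPECIAL_CHARS for c in candidate):
        problems.append("no special character")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real account.
    for sample in ("qwerty", "Password1!", "blueHorse!Staple42"):
        reasons = check_password(sample)
        print(sample, "->", "accepted" if not reasons else "; ".join(reasons))
```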
Reusing passwords
The other major problem with SplashData’s list of most common passwords is that people tend to reuse them for all their accounts. So if cybercriminals gain access to your Facebook account using an easily-guessed password, they can then log into your email, online bank account, and virtually any other system.
More worrying still, if you use these same passwords at work, you place your employer's systems and data at risk too. If the breach is significant, you could even lose your job.
Get creative with your passwords
Although you must include specific characters in your password, you can choose any word you like. Better still, you can string several words together to make a very long, very complex password that is almost impossible to guess.
And if you must use the top 25 most popular passwords, try stringing several of them together instead. It’s not a perfect solution, but your password will be more secure.
Use a Password Manager
There are great security solutions that offer a larger degree of protection and include a password manager… all you need is a master password to access all of your favourite internet services. This way, you will only have to remember one password and, as you don’t have to memorize all of them, you can set different, more complex passwords for each service. It maintains your online privacy… at all times!
7 comments
Software-based password managers have their own share of problems. As more people have started using them, malware is now also targeting them in order to get all your saved passwords in one go. A better option would be to use hardware-based password managers such as Mooltipass (www.themooltipass.com).
Weak passwords are an easy target for hackers. They can be easily guessed. Creating a strong password with the unique combination of alphabets, numerical, symbols etc. protects our online applications from attackers.
Hi Peter,
Thanks for your message, we completely agree, but users seem to still not understand the dangers so we keep warning them.
Best regards,
Panda Security.
Most systems have now started to force customers to use capital letters, numbers and even characters, which helps to ensure people are using stronger passwords. So many times I have come across clients using these easy passwords.
Hopefully this post will educate people to use stronger passwords.
Thanks