Creating and using secure passwords is now more important than ever, thanks to the growing frequency and severity of network hacks. Despite the growing risk, the average person is not doing much to reduce his or her chances of being hacked.
Many people still use predictable passwords that can easily be breached, leaving them vulnerable to having their accounts hacked. Data compiled by the National Cyber Security Alliance shows just how big this problem is. Of the people surveyed:
- 31% use a pet name for their password
- 23% have used number sequences
- 22% use a family member’s name
- 21% use a birth date.
Another list, compiled by Dr. Jeff Yan of Lancaster University, shows a similarly high level of consumer indifference when it comes to using secure passwords. Here are the top ten most popular, easy-to-hack consumer passwords that his research uncovered:
One of the reasons consumers and businesses are at greater risk of being hacked today is that many people use the same passwords for all of their online services. If you reuse one password everywhere, hackers who steal millions of user accounts from online services like Yahoo! already have everything they need to break into all of your accounts.
Security experts suggest using long, random strings of letters and numbers as passwords, but most people find this approach to be bothersome or challenging – especially when they may have up to 100 accounts, each of which has different requirements for acceptable passwords.
To make matters worse, a growing number of online services expect users to change their passwords on a regular basis. What are consumers to do? Make their passwords as easy as possible to remember, but complex enough to make them harder to hack. One approach is to use a mnemonic to help you remember your password. In other words, abbreviate a spoken phrase: “what would you do for a Klondike bar” becomes “wwyd4akb.” Notice how the word “for” is rendered as the number four. You can also experiment with random capitalization and punctuation – such as “Wwyd_4aKb.”
Another alternative is to use a password manager program like LastPass, Dashlane or 1Password. They automatically keep track of the web pages you’re visiting, and the logins you have assigned to them. When they see a login form, they offer to fill in the saved login for you. If you manually enter a different value into the form, the app asks if you want to update the entry for that web address. It works really well!
If you want to stay safe online, follow these tips for password creation, as suggested by Microsoft on a Windows support page:
- At least eight characters long
- Does not contain username, real name, or company name
- Does not contain a complete word
- Is significantly different from previous passwords
- Contains at least one uppercase letter, lowercase letter, number, and symbol
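The five rules above can be checked mechanically. The following is an added example, not code from Microsoft or from the original article: the function name `check_password`, the tiny word list, and the similarity measure (Python's `difflib` with a 0.6 threshold) are assumptions chosen for illustration.

```python
import re
from difflib import SequenceMatcher

# Constructed sample word list; a real check would load a full dictionary.
SAMPLE_WORDS = {"password", "klondike", "summer", "dragon", "welcome"}
SIMILARITY_LIMIT = 0.6  # assumed threshold for "significantly different"


def check_password(password, identity=(), previous=(), words=SAMPLE_WORDS):
    """Return the list of rules the password breaks (empty list = passes)."""
    failures = []
    lowered = password.lower()

    if len(password) < 8:
        failures.append("shorter than eight characters")

    # Username, real name or company name, compared case-insensitively.
    if any(name and name.lower() in lowered for name in identity):
        failures.append("contains username, real name, or company name")

    # Complete words: any word-list entry of 4+ letters inside the password.
    if any(len(w) >= 4 and w in lowered for w in words):
        failures.append("contains a complete word")

    # 'previous' holds what the user typed as the old password at change time.
    if any(SequenceMatcher(None, lowered, old.lower()).ratio() > SIMILARITY_LIMIT
           for old in previous):
        failures.append("too similar to a previous password")

    classes = {
        "uppercase letter": r"[A-Z]",
        "lowercase letter": r"[a-z]",
        "number": r"[0-9]",
        "symbol": r"[^A-Za-z0-9]",
    }
    missing = [label for label, pattern in classes.items()
               if not re.search(pattern, password)]
    if missing:
        failures.append("missing " + ", ".join(missing))
    return failures


if __name__ == "__main__":
    # The article's two mnemonic variants plus a dictionary-based password.
    for candidate in ("wwyd4akb", "Wwyd_4aKb", "Klondike2024!"):
        print(candidate, "->", check_password(candidate) or "passes all rules")
```

Run against the mnemonic from earlier in the article, the plain “wwyd4akb” fails only the character-class rule, while the variant “Wwyd_4aKb” passes every check.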
Inadequate password security is 1 of 5 serious network security threats affecting small and medium-sized companies today.