We take a look at some of the worst passwords you could possibly have, as well as looking at the best ways to stay secure online.
Password management platform NordPass recently released their list of the “worst” passwords of 2020. This list is based on the most common passwords and also details how many times each password has been exposed and used, and how much time it would take to crack it.
1. 123456
2. 123456789
3. picture1
4. password
5. 12345678
6. 111111
7. 123123
8. 12345
9. 1234567890
10. senha (Portuguese word for “secret”)
You can see the full list of the 200 most common passwords here.
Weak Passwords
The temptation when creating a password is to use something easy to remember. This may result in a familiar word, or as we have seen with the most popular passwords of 2020, a logical string of numbers. These passwords are extremely easy for hackers to crack, which can be done in a matter of seconds using brute force methods (guessing millions of different password combinations). A huge number of people also have the same password across a number of their accounts, which means that once hackers have accessed one of their accounts, they theoretically have access to all of the accounts that they use the same password for.
Creating Strong Passwords
When creating a password, you should avoid using words found in the dictionary, words or numbers that are meaningful to you (such as phone numbers, birth dates, or names), number combinations, or strings of adjacent keyboard letters (such as “qwerty”). We strongly advise that you do not reuse passwords across multiple accounts. Choose a unique one for each account and make them as long as you can, using a mixture of upper and lower-case letters, numbers and symbols to significantly lower the risk of being hacked.
Password Managers
One of the easiest ways to create strong, unique passwords for each different account, without having to worry about remembering them, is by using a password manager. Password managers are essentially password vaults that store the information of all of your login credentials for every site and service you access. You just need to remember one password to enter the vault. Many password managers have inbuilt functionality to help you generate long, complex passwords too, ensuring that you have a high level of security on your accounts. Some even have autofill features allowing you to enter your stored passwords at a click or tap of a button.
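The advice under "Creating Strong Passwords" and the generator feature described above can be expressed as a short check. This is an added example, not code from NordPass or any password manager; the 12-character minimum, the QWERTY key rows and all function names are assumptions made for illustration.

```python
import math
import secrets
import string

# The page's top-10 list; a real check would load a far larger breach corpus.
COMMON = {"123456", "123456789", "picture1", "password", "12345678",
          "111111", "123123", "12345", "1234567890", "senha"}
# Assumption: QWERTY layout, used to spot runs of adjacent keys like "qwerty".
KEY_ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890"]
CLASSES = [string.ascii_lowercase, string.ascii_uppercase, string.digits, string.punctuation]
MIN_LENGTH = 12  # assumed threshold; the page only says "as long as you can"


def has_keyboard_run(pw, run=4):
    """True if pw contains `run` adjacent keys of one row, in either direction."""
    low = pw.lower()
    for row in KEY_ROWS:
        for seq in (row, row[::-1]):
            if any(seq[i:i + run] in low for i in range(len(seq) - run + 1)):
                return True
    return False


def weaknesses(pw):
    """Reasons pw fails the advice above; an empty list means it passes."""
    checks = [
        ("common password", pw.lower() in COMMON),
        ("too short", len(pw) < MIN_LENGTH),
        ("digits only", pw.isdigit()),
        ("keyboard run", has_keyboard_run(pw)),
        ("missing character class",
         not all(any(c in cls for c in pw) for cls in CLASSES)),
    ]
    return [name for name, failed in checks if failed]


def search_space_bits(pw):
    """Upper bound, in bits, on brute-force work for pw's length and classes."""
    alphabet = sum(len(cls) for cls in CLASSES if any(c in cls for c in pw))
    return len(pw) * math.log2(alphabet) if alphabet else 0.0


def generate(length=20):
    """Random password, as a manager's generator would produce, passing every check."""
    alphabet = "".join(CLASSES)
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if not weaknesses(pw):
            return pw
```

The bit count is only an upper bound: a password on a common list or built from a pattern is guessed long before the full search space is exhausted, which is why the blocklist and pattern checks come first.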
MFA
We also strongly recommend that you enable multi-factor authentication (MFA) where possible. This adds an extra layer of security, usually requiring you to enter an additional code sent to you via text, call, email or an authentication app. That way, even if someone does discover your password, they would also need the code to get into your account.
Which Password Manager Should I Use?
You should always research password managers yourself, as each person will need different features or levels of support. Popular options include LastPass, Dashlane and RoboForm - all of these platforms sync online and store your vault centrally. Platforms like KeePass and Bitwarden allow you to keep hold of your vault locally on your own device, and are free, open-source software, whereas the other examples have a subscription fee attached to them (although some may have free tiers). When researching, start with those to give you an idea of features, pricing and security.
ASK4 Solutions sets up all of our employees with password managers for their own accounts, to ensure that not only are their personal accounts protected, but our company and our clients’ data is protected too. If you would like more information on implementing password managers in your organisation, please get in touch. Our security consultants would be glad to have a chat with you.