It should not really be a surprise to anyone that “password” is not a strong password. However, what might surprise you is that people still continue to use it!
What Were The Worst Passwords of 2018?
Prior to the year’s end, a study of 5 million leaked passwords from 2018 revealed that users are still taking risks with their online security and using easy-to-guess passwords.
It seems that even after all the years of being shamed for using them, “password” and “123456” still hold the top spots among 2018’s easiest-to-guess passwords.
Some interesting mentions from their top 100 were “princess” and “iloveyou”; even “donald” made it into the top 100.

Here Are The Top 20 Worst Passwords for 2018:
- 123456
- password
- 123456789
- 12345678
- 12345
- 111111
- 1234567
- sunshine
- qwerty
- iloveyou
- princess
- admin
- welcome
- 666666
- abc123
- football
- 123123
- monkey
- 654321
- !@#$%^&
What Should You Do If a Password You Use Is On That List?
If any of the passwords you use are on this list, that is an immediate red flag and you need to think about improving your online security.
Having strong passwords is vital to keeping accounts safe, even for accounts you may deem insignificant or don’t use. Skilled hackers can use access from these accounts to gain access to other accounts or to impersonate you, which could lead to a whole range of trouble.
There are also the obvious issues that come from a lack of security on bank account or email passwords, which can lead to fraud and the release of important or confidential documents.
How Can You Create A Secure Password?
- Use 12 characters minimum
- Include numbers, symbols, capital and lower case letters
- Don’t use full words or a combination of words – keep the characters random
- Don’t use sequences of numbers or letters, e.g. “123,” “ABC,” “QWERTY”
- Don’t use substitutions, e.g. “ch3rry” instead of “cherry”
- Never use personal details such as pets’ names, children’s birthdays or your favourite sports team – all this information can easily be looked up by a hacker
- Use different passwords for every account – using the same password for every account means that once a hacker gets access to one account they will have them all. Cracking your Facebook password can lead to your email password and then your bank accounts, and before you know it a hacker could have racked up a load of credit card debt in your name!
- Use 2-factor authentication – even if someone gets hold of your password, they will not be able to access your accounts without the authentication code, which can be emailed or texted to your device.
By following these tips, you ensure hackers won’t target you. A password of 12 random characters takes over 2 centuries for a hacker to break with a brute force attack, meaning they will give up long before they break it.
Hackers intentionally go for accounts that are weak and easy to break to save themselves time and effort, so by putting further obstacles like secure passwords and 2-factor authentication in their way you can keep yourself safe online.
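The tips above turned into an automated check, as an added example that is not part of the original article: `audit` reports which tips a candidate password breaks, and `generate` draws a random password that passes them. The function names and the short `WORDS` list are assumptions made for illustration.

```python
import secrets
import string

# The top 20 worst passwords of 2018, copied from the list in this article.
WORST_2018 = {
    "123456", "password", "123456789", "12345678", "12345", "111111", "1234567",
    "sunshine", "qwerty", "iloveyou", "princess", "admin", "welcome", "666666",
    "abc123", "football", "123123", "monkey", "654321", "!@#$%^&",
}
# Assumption: a tiny stand-in word list; a real check needs a full dictionary.
WORDS = {"cherry", "password", "sunshine", "princess", "football", "donald"}
# Runs searched for sequences: digits, the alphabet and the keyboard rows.
RUNS = ["0123456789", string.ascii_lowercase, "qwertyuiop", "asdfghjkl", "zxcvbnm"]
# Reverses common substitutions, so "ch3rry" is read as "cherry".
UNLEET = str.maketrans("013457@$!", "oleastasi")

def has_sequence(pw, n=3):
    """True if pw contains n consecutive characters of a run, in either direction."""
    low = pw.lower()
    seqs = [s for run in RUNS for s in (run, run[::-1])]
    return any(s[i:i + n] in low for s in seqs for i in range(len(s) - n + 1))

def audit(pw):
    """Return the tips that pw breaks; an empty list means it passes them all."""
    low, problems = pw.lower(), []
    if low in WORST_2018:
        problems.append("on the 2018 worst-passwords list")
    if len(pw) < 12:
        problems.append("shorter than 12 characters")
    # One test per required class: digit, lower case, upper case, symbol.
    tests = (str.isdigit, str.islower, str.isupper, lambda c: not c.isalnum())
    if not all(any(t(c) for c in pw) for t in tests):
        problems.append("missing a character class")
    if has_sequence(pw):
        problems.append("contains a sequence")
    if any(w in low for w in WORDS):
        problems.append("contains a full word")
    elif any(w in low.translate(UNLEET) for w in WORDS):
        problems.append("contains a substituted word")
    return problems

def generate(length=16):
    """Draw random characters with a CSPRNG until the result passes audit()."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if not audit(pw):
            return pw
```

A password such as “Qwerty123456!” meets the length and character-mix tips yet is still flagged for its sequences, which is why the tips have to be applied together.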
How Can You Remember Passwords For Multiple Accounts?
On average in the UK we have 118 accounts linked to one email address – that’s a complete information overload. Using a password like “123456” may keep things simple and means you never lock yourself out of an account, but it also gives hackers a great opportunity to take over every online account you have and cause irreparable damage.
Password managers are a great tool to help you keep track of all your passwords and ensure you are able to stay safe online. There are even some free ones such as LastPass.
The way password managers work is that you have one extremely secure master password which allows you access to your “vaults” of other passwords. It’s essentially a virtual safe, and as it relieves the pressure of having to memorise hundreds of different passwords, you can focus on creating one extremely secure password following our tips above.