Everyone Is Using Terrible Passwords

Use powerful passwords on the internetYou are using a terrible password. Despite warnings about security and the need for truly unique passwords it seems most web users are still using easily obtained, obvious, and ridiculously simple passwords. With Sony online entertainment, Sony pictures, Sony, and other companies related to her looking like Sony getting hacked all time even though they use great passwords and extremely powerful firewall software and hardware you would think people would get the message. I'm talking to you guy with the password "password" or the equally awesome "123456789". You can do better than that, you and I know it's hard to remember passwords but this is ridiculous.

Another common mistake is to base your password on the name of the software you are using, a company brand, or the website name you download the application from. An example of this would be for our webmaster to log into the site using the password "Dreamweaver 1234". That would be the application name used to create the website plus a series of numbers. This is a terrible idea and greatly reduces the amount of time it would take a hacker to successfully break your pass code. But you are not alone good sir, there are many people who are making the same mistakes.

The top 5 most popular passcodes in the United States for 2014 were:

  • 12345678
  • 123456
  • Abc123
  • Password

This was taken from an encrypted set of passwords for approximately 38,000,000 active users. This is a pretty good control group and suggest that folks need to get a little more thought their passwords.<

So what would be worse than setting up your password as one of the ridiculous examples above? That would be to use the same password across multiple services and websites. Do you do that? You know you do. A recent review by the company trust wave of over 2 million passwords found that 30% of all users maintain the same password across many services. This means a hacker just needs to get you once and then take a guess at what other services you might use. If you use Facebook you probably use twitter, and you may use the same account information for LinkedIn as well. Where you bank? There's a limited number of banks in your area do you think someone might be able to run your password across all the banks in a given ZIP code and find yours? This can get bad fast.

So we need to add few steps to secure our passwords to the ones we already know. Never give anyone your password, do not use a password connected to the service or site is protecting, do not use the same password more than once, don't use a ridiculous password that winds up on the top five on some website somewhere.

The best type of passwords one is completely randomly generated. If you can stomach that go find a random number generator, throwing some letters in your business. Since this will be very difficult to remember this is probably not a workable solution for you. You're going to tradeoff between ease-of-use and security on this every time. Keep that in mind and be safe.