Gadget

Hackers count on it: 123456 leads passwords

Password security company Splashdata released its annual list of the world’s most common stolen passwords, with “123456” going to the top of the list. LEAINE BREBNER gives us some tips on creating strong passwords that make it more difficult for cyber criminals to steal them.

The number one spot went to “123456”, which dethroned the word “password” after it had spent years at the top.

Adobe’s major security breach in October 2013 is the main reason for the change in ranking as more than 48 million users were affected, with 2 million users choosing 123456 as their password.

The trouble with Adobe highlights a simple fact – when you give your personal information to someone online, you trust them with your identity.

The problem with passwords is that human nature dictates that we use the same password for all of our accounts. We have enough to remember on a daily basis; who wants to remember a dozen passwords too? But it has become a necessity to have multiple passwords. Due to advanced technology and the proliferation of social networking, someone with a few key pieces of information can compromise your accounts and possibly steal from you or reveal your personal information to people you don’t want to see it.

And we know this to be true because every few months compromised passwords feature in the news.

Here’s the full list of worst passwords from 2013, according to Splashdata:

If you are using one of the passwords on this list, we strongly advise you to change it immediately!

So how can you go about choosing an effective password? We have listed some tips below:

Don’t choose a password based on a website or application: Passwords like “adobe123” and “photoshop” appeared on Splashdata’s list for the first time, which is a potent reminder not to base a password on the website or application being accessed. Weaker passwords stand no chance against attacks from hackers. Rapid-fire guessing is a common method, and passwords that refer to the site or application are red flags: password hacking software can make 8 billion guesses per second.

Longer passwords do not offer peace of mind: Password-cracking software is becoming more sophisticated and previous methods of choosing a password are no longer reliable. Don’t think that your password is safe just because it is a word with more than 6 characters – software can now crack passwords with around 55 characters. Longer passwords that make use of different elements, however, are more secure than short ones.

Do not use common words or phrases: Avoiding “password” and “123456” should be a given by now, but hobbies and the names of children, pets and streets should also be avoided, as well as any word in the dictionary. If you’re a football fan, a few guesses can quickly identify that your password is “arsenal”. These can all be picked up by the “dictionary attacks” that cybercriminals use to guess passwords, which may also include phrases.

Don’t use any part of your own name or date of birth: One of the first things criminals will look for is parts of your name, surname or username in your password, and if they have access to your date of birth, they will look for that too.

Do not replace letters with similar-looking numbers: This used to be an effective strategy, such as replacing the letter “E” with the number “3”, but hackers have begun to cotton on to this too.

Do not add numbers or special characters to the end of a word: Adding numbers to the end of an existing password on sites that require you to change your password periodically is practically an invitation for hackers to crack your password. Adding special characters to the end of a word is also a no-no – hackers look for these first.

How to make your password secure: A good password contains a mix of numbers, uppercase and lowercase letters, sentences and special characters, and is at least eight characters long. (This reminds us of all the jokes going around about passwords including the blood of a first born and such. But there is some truth to those jokes: the more complicated your password, the better.) Easily remembered words used on their own are usually easily guessed, but creating a sentence with words that mean something to you and including numbers, special characters and uppercase letters should make for a very strong password.

Remember to avoid using the same password for multiple sites: it is especially risky to use the same password for social media sites, online emails and online banking sites.
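The tips above can be turned into a check that a site runs when a user sets a password. The following Python is an added example, not code from the article or from Splashdata; the function names, the blocklist (constructed only from passwords the article mentions) and the substitution table are assumptions made for illustration.

```python
import re

# Constructed sample blocklist holding only passwords the article names;
# a real deployment would load a full breached-password list instead.
COMMON = {"123456", "password", "adobe123", "photoshop", "arsenal"}
# Look-alike substitutions of the kind the article warns about ("E" -> "3").
LEET = str.maketrans("013457@$!", "oleastasi")


def variants(password):
    """Return the forms a guesser would try: raw, suffix-stripped, de-substituted."""
    raw = password.lower()
    stripped = re.sub(r"[^a-z]+$", "", raw)  # drop trailing digits/symbols
    return {raw, stripped, raw.translate(LEET), stripped.translate(LEET)} - {""}


def check_password(password, site, personal=(), wordlist=COMMON):
    """Return a list of reasons to reject `password`; an empty list means accept."""
    reasons = []
    forms = variants(password)
    if len(password) < 8:
        reasons.append("shorter than eight characters")
    classes = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"]
    if not all(re.search(c, password) for c in classes):
        reasons.append("missing a character class")
    if forms & wordlist:
        reasons.append("common password, even after substitutions or a suffix")
    if site and any(site.lower() in f for f in forms):
        reasons.append("based on the site or application name")
    # Very short tokens are skipped to avoid rejecting on accidental matches.
    tokens = [t.lower() for t in personal if len(t) >= 3]
    if any(t in f for t in tokens for f in forms):
        reasons.append("contains your name, username or date of birth")
    return reasons
```

The check cannot see whether the same password is used on another site, so the reuse advice still depends on the user or a password manager.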

Keeping track of all the passwords you create might start to become complicated, so using a password management application that organises and protects passwords is an idea. SplashID Safe has a 10 year history and over 1 million users.

* Leaine Brebner, Head of Communication – Dial a Nerd
