Seems like every few months another blogger or security maven laments the passing of the password, a security tool that has outlived its usefulness and should now be replaced with something more of the times, more effective, more secure.
And while the password might be on life-support, it’s not quite gone. Which means you still have to take it very seriously, because in most cases it’s the only security you may have.
And you should also learn to accept that if the password is mortally wounded, it might be partly your fault. Because we know, we have hard evidence, that passwords have been weakened by their owners.
And we know this because of another major security problem, data breaches. Thanks to hundreds of data breaches that have exposed millions of personal files and passwords, we now know exactly what kinds of passwords users are using.
For example, a company called SplashData analyzed millions of stolen passwords that were posted online in 2012 by the very hackers who stole them, and the news is as bad as it’s predictable.
So without further ado and no smirks please, here are what security experts have found to be just the Top 5 most common passwords in use today:
That’s right. The most common password in use today is “password.” And the news doesn’t get any better the further down the list you get. For example, coming in at #16 on the list is the unbelievably-hard-to-crack “123123.” And rounding out the top 25 of all the most commonly used passwords is the cryptically genius – wait for it – “password1.”
I ask you. Do we really think hackers are that stupid, or do they think we are? And who’s right? I have a feeling I know the answer but I’ve chastised you enough.
So until you no longer need passwords, here are some essential tips every business owner needs to follow in order to get the best out of them.
And if you or your employees have a tough time remembering all those long and complex passwords, here’s an idea – start thinking about passphrases instead. A passphrase does all the things a good password should do. It can include all the semi-random characters you need, can easily be 12 characters without being hard to remember, and you can create multiple versions without worrying about forgetting them too easily.
Here’s how a passphrase works:
– For example, the phrase could be something like “I graduated from Notre Dame University on June 1st 2002.”
– That would give you the following password: “IgfNDUoJ1st2002”. That’s a massive 15 characters and includes upper and lower case letters and numbers. Change the “I” to the symbol “!” and now you’ve made it even harder to crack.
Unless the hacker knows you personally, it would be nearly impossible to guess or crack such a passphrase. Even if the hacker did know you, they would have little way of knowing the phrase you chose.
And if you have trouble remembering the phrase, you can still write it down and keep it somewhere in your home, because there’s very little risk a hacker would find it in your home and recognize the phrase as a password. You can use similar or themed phrases to protect other accounts, but refer to when you graduated high school instead of college, or when your kids graduated, and so on.
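The passphrase steps above, written out as an added Python example (not part of the original article): it takes the first character of each word, keeps tokens that begin with a digit whole, and checks the result against the weaknesses the article names. The function names are hypothetical, and the 12-character minimum is an assumption taken from the article's own figure.

```python
import re

# The three entries the article quotes from the SplashData list.
COMMON = {"password", "123123", "password1"}

PHRASE = "I graduated from Notre Dame University on June 1st 2002."


def derive(phrase, swaps=None):
    """First character of each word; tokens starting with a digit
    ("1st", "2002") are kept whole, as in the article's example."""
    tokens = [t.strip(".,;:!?\"'") for t in phrase.split()]
    out = "".join(t if t[0].isdigit() else t[0] for t in tokens if t)
    # Optional symbol substitutions, e.g. {"I": "!"}; first occurrence only.
    for old, new in (swaps or {}).items():
        out = out.replace(old, new, 1)
    return out


def check(password, min_len=12):
    """Return a list of problems; an empty list means none were found.
    min_len=12 is an assumption based on the article's figure."""
    problems = []
    if password.lower() in COMMON:
        problems.append("on the common-password list")
    if len(password) < min_len:
        problems.append(f"shorter than {min_len} characters")
    classes = {"lowercase": r"[a-z]", "uppercase": r"[A-Z]", "digit": r"[0-9]"}
    for name, pattern in classes.items():
        if not re.search(pattern, password):
            problems.append(f"no {name}")
    return problems


if __name__ == "__main__":
    # A short phrase with no capitals or numbers is included to show
    # that the method is only as good as the phrase fed into it.
    for candidate in (derive(PHRASE), derive(PHRASE, {"I": "!"}),
                      derive("my dog is cute"), "password1"):
        print(f"{candidate!r}: {check(candidate) or 'ok'}")
```

A phrase needs enough words, capitals and numbers for the derived password to pass; "my dog is cute" yields only four lowercase characters.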
In addition to utilizing strong passwords, it is important to utilize a website scanner and web application firewall (WAF) to further protect against cybercrime. SiteLock assists more than 6 million websites with these types of solutions. To find out more, call 855.378.6200.