There’s no doubt about it. Human beings are typically terrible at choosing passwords.
We either choose a password that is easy to guess (the name of our pet hamster, the name of our favourite football team), or one that is easy to crack (dictionary words like “password” or “letmein”), or find ourselves dreaming up one hard-to-crack and impossible-to-guess complex password (“fTKJ5QSAw}jd’~m3X7N” or “foolery-suburb-narcosis-shorts-unbidden-widely”) but make the mistake of reusing it everywhere.
Humans suck at choosing passwords.
And that’s why I recommend that people invest in a password management tool, capable of generating truly random, impossible to guess passwords, and then doing the important job of remembering them for you so you don’t need to reuse them for every site you access.
All you then need to do is remember one complex, hard-to-crack master password and never have to worry about forgetting your email, eBay or Amazon password ever again.
My guess is that although the password manager solution is pretty straightforward many people are either ignorant that it exists, or think (mistakenly) that it will be too hard for them to follow. And so they go back to bad habits.
The fact that we are STILL talking about bad password practices proves that many people still aren’t getting the message, and new research released by SplashData makes clear that there are still many people using very very bad passwords indeed.
SplashData looked at more than two million passwords that have leaked through data breaches in the last year, and compiled a list of the 25 worst passwords.
And remember, it’s not just researchers who know the most commonly used passwords like the back of their hand. Malicious hackers and identity thieves know too.
So, without further ado, here are the worst passwords you could be using:
If you recognize any of those passwords as one of yours – shame on you. Learn your lesson and change your password immediately. Passwords like these are effectively worthless.
You might think you’re clever choosing a password like ‘1qaz2wsx’ (take a close look at your keyboard if you want to know where that one came from) or ‘starwars’ but it’s clear that plenty of people had the same idea as you.
And don’t feel too smug if your password isn’t on this list. The fact is that hackers and password crackers have access to databases of *millions* of the most commonly used passwords – meaning that unless you have taken care creating your password, chances are that it won’t take an enormous effort to crack it.
Here are my tips for better password security:
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.View all posts
May 16, 2023
March 10, 2023
April 22, 2021
April 22, 2021
April 13, 2021