I’m such a non-fan of passwords. Keeping track of all that shite is tedious. So here I am doing my best when along comes the CBC to make life even more difficult.
“If your password is on the list below you had better change it.
Among the 25 most common passwords among 3.3 million that were leaked online last year, the top two were once again “123456” and “password,” according to a company that provides password management software.”
Based on its analysis, SplashData recommends that when crafting your password:
- Don’t use keyboard patterns e.g. “qwertyuiop” from the top row of letters
- Don’t use a favourite sport – baseball and football were both in the Top 10, with hockey, soccer and golf in the Top 100.
- Don’t use your birthday or birth year. People in their early 20s seemed to be especially guilty of this, with the years 1989 to 1992 all in the top 100.
- Don’t use common names – michael, jennifer, thomas, jordan, hunter, michelle, charlie, andrew and daniel were all in the Top 50.
Here’s the entire list:
- 123456
- password
- 12345
- 12345678
- qwerty
- 1234567890
- 1234
- baseball
- dragon
- football
- 1234567
- monkey
- letmein
- abc123
- 111111
- mustang
- access
- shadow
- master
- michael
- superman
- 696969
- 123123
- batman
- trustno1
So there you go, now go out and make yourself and your accounts more secure and less accessible to yourself. You are welcome.
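The recommendations and list above can be turned into a screening check that a signup or password-change form runs before accepting a password. This is an added example, not code from the post, the CBC or SplashData; the function names, the US QWERTY layout and the 19xx/20xx year range are assumptions made for illustration.

```python
import re

# The 25 passwords listed in the post above.
COMMON = {
    "123456", "password", "12345", "12345678", "qwerty", "1234567890",
    "1234", "baseball", "dragon", "football", "1234567", "monkey",
    "letmein", "abc123", "111111", "mustang", "access", "shadow",
    "master", "michael", "superman", "696969", "123123", "batman",
    "trustno1",
}
# Sports and names called out in the recommendations above.
SPORTS = {"baseball", "football", "hockey", "soccer", "golf"}
NAMES = {"michael", "jennifer", "thomas", "jordan", "hunter",
         "michelle", "charlie", "andrew", "daniel"}
# Assumption: US QWERTY rows plus the alphabet as "pattern" sources.
ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890",
        "abcdefghijklmnopqrstuvwxyz"]
# Assumption: any 19xx/20xx year counts, not only 1989 to 1992.
YEAR = re.compile(r"(19|20)\d\d")


def has_keyboard_run(pw, min_len=4):
    """True if pw holds min_len adjacent keys from a row, in either direction."""
    for row in ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - min_len + 1):
                if seq[i:i + min_len] in pw:
                    return True
    return False


def screen_password(candidate):
    """Return the reasons to reject candidate; an empty list means it passed."""
    pw = candidate.lower()
    reasons = []
    if pw in COMMON:
        reasons.append("on the common-password list")
    if has_keyboard_run(pw):
        reasons.append("keyboard pattern or sequence")
    if any(word in pw for word in SPORTS):
        reasons.append("contains a sport")
    if any(name in pw for name in NAMES):
        reasons.append("contains a common name")
    if YEAR.search(pw):
        reasons.append("contains a year")
    return reasons
```

An empty result only means none of these patterns matched; it says nothing about length or whether the password is reused elsewhere.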
6 comments
May 26, 2015 at 1:12 pm
The Intransigent One
Apparently our doge has a very common name! (Not our fault, she came with a name pre-installed)
May 26, 2015 at 3:51 pm
bleatmop
Ug. After getting one of my accounts compromised last year I have changed most of mine into unique ones, which is a giant pain in the ass. Although I did do some reading and sharing a password with different accounts isn’t necessarily the end of the world. Many of the suggestions I came across involved:
1. Your email password that you use to confirm your accounts should have an entirely unique password that is not used anywhere. If you can, also use other means of security, such as tying that account to your smart phone or text messaging confirmation numbers when accessing the account from a different computer. This is the most important step to maintaining security because if a hacker gets your main email account then they can get access to every other account you have and change their passwords.
2. Any account that stores your credit card information should have a unique password.
3. Explore the security options available to you on each service that you use. Paradoxically most of them are disabled upon setting up an account. My guess is so that you can get straight into what you are trying to do without having to spend an hour setting up an account. Facebook, Steam, Origin and I am sure many other services have robust security options available to you if you choose to do the research to find out how to utilize them. Unfortunately hackers depend on most people not using these features. Steam’s extra security is so good that Gabe Newell posted his user name and password to his personal account and it still has never been compromised (to my knowledge).
As a victim of credit card fraud I would encourage everyone reading to go ahead and review your security options on any page that you wouldn’t want a hacker to get a hold of. It was a huge pain in the ass and I wouldn’t wish it on anyone. Also, I would suggest reviewing the security on any credit card that you have. My wife had a text message go to her phone every time our credit card was used and that is what let us find out about the fraud early enough to stop it at the hundreds of dollars period and not the thousands of dollars.
May 27, 2015 at 2:48 am
Reneta Scian
I learned my password habits from doing highly sensitive and classified government work. As a result, my passwords will never show up on any of those lists. Once you learn to make complicated passwords, you just kind of stick with it. My passwords are exceptionally esoteric as a result. I’ve also never had any account “EVER” hacked via password.
May 29, 2015 at 3:16 pm
Sedate Me
I think I heard on the radio that the Top 7 passwords account for almost half of all passwords (…and 100% of the passwords of folks whose VCRs kept flashing “12 o’clock”). Like casting a ballot, I’m sure half of all people don’t bother to use passwords either.
Yes, choosing a solid password is a good idea. But by no means does it keep you safe, especially from anybody who has a clue what they’re doing. You’re still putting all your eggs in one tantalizing, easily cracked, basket.
In this new digital dystopia, you’re never more than one virus, one backdoor/vulnerability in a program you use, or just one lucky password guess derived by reading your Loserbook page away from having your basket fall under the control of somebody else. Usually, with you none the wiser.
For any Battleship Galactica fans out there, I follow the lead of Commander Adama. That is to say, “I never trust a networked computer”. Because even US Central Command servers have proven to be hackable, I put NOTHING remotely important, or remotely personal, on any device that accesses the Inter-tubes.
I also don’t use WiFi, on-line bank, own any stupid phone, credit card, or any other piece of plastic that makes tracking my every move and/or emptying my bank account easy. I try to go analogue every chance I get.
May 30, 2015 at 7:40 am
Reneta Scian
I’m all for a complete switchover to biometrics, or more complex visual passwords. My tablet has a visual pictographic password.
May 30, 2015 at 3:41 pm
Sedate Me
Reneta Scian,
Biometrics???
Gee, I can’t see how that could ever possibly go wrong. Yeah, why not have copies of your most personal information floating around? Why not give hackers a chance to snag fingerprints or retinal scans? It’s already damn near impossible to get your stolen identity back as it is. Try telling dozens of paper-pushing bureaucrats, Inspector Gadgets, and corporation-bots “That’s not my fingerprint.” or “I didn’t sign that contract with my eyeball”.
Biometrics only ups the ante and increases the hacker’s reward. The “lock” will become more valuable than what’s behind the door that it locks. I’d much rather use Canada Post to send & receive ALL my communications than expose myself to a 0.000001% chance of ever losing my “biometric data” (Even the terminology is dehumanizing.)
…well, for as long as Herr Harper allows Canada Post to exist. ;)