22 Jan, 2013

25 Worst Passwords of 2012

Passwords dominate our online lives: we need them for banking, buying, emailing, posting and tweeting. The average person therefore needs a veritable thesaurus of passwords... in theory. In reality we often use the same password for all logins, we don't change default passwords, or we use something that is extremely obvious, like the name of our dog, cat or child.

SplashData, who make password management solutions, have released the 25 worst passwords of 2012. If any of your passwords appear on this list then you should be ashamed... and you should change them.

25 worst passwords of 2012:

  1. password
  2. 123456
  3. 12345678
  4. abc123
  5. qwerty
  6. monkey
  7. letmein
  8. dragon
  9. 111111
  10. baseball
  11. iloveyou
  12. trustno1
  13. 1234567
  14. sunshine
  15. master
  16. 123123
  17. welcome
  18. shadow
  19. ashley
  20. football
  21. jesus
  22. michael
  23. ninja
  24. mustang
  25. password1

Source: SplashData

So what makes a strong password? The obvious answer is... something that isn't on the list above, and also isn't easy for a hacker to guess or crack.

Make your password a minimum of eight characters and mix upper and lower case letters, numbers and symbols. Acronyms are good as they are generally easy to remember, for example LotR = Lord of the Rings. Don't use this particular example, though: you'd be amazed how many techies use Tolkien passwords, so they're often high on a hacker's hit list.

Pass-phrases are also good, for example Eat Your *1 Greens! ... just make it something that's easy to remember for you, but not easy to crack or guess.
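The advice above, as an added example that is not from SplashData or the original post: a Python check that applies the eight-character, mixed-character rule and also rejects passwords built on one of the 25 listed entries, which the character rule alone would let through. The function names and the look-alike substitution table are assumptions made for illustration.

```python
import re

# The 25 entries from the SplashData 2012 list on this page.
WORST_2012 = frozenset("""password 123456 12345678 abc123 qwerty monkey letmein
    dragon 111111 baseball iloveyou trustno1 1234567 sunshine master 123123
    welcome shadow ashley football jesus michael ninja mustang password1""".split())

# Assumption (not from the page): common look-alike substitutions to undo.
LOOKALIKES = str.maketrans({"@": "a", "0": "o", "$": "s",
                            "3": "e", "1": "i", "!": "i"})

def listed_stem(pw):
    """Return the list entry that pw matches or is built on, else None."""
    low = pw.lower()
    stems = [low,
             re.sub(r"[^a-z0-9]+$", "", low),  # drop trailing symbols
             re.sub(r"[^a-z]+$", "", low)]     # drop trailing digits and symbols
    for stem in stems:
        for candidate in (stem, stem.translate(LOOKALIKES)):
            if candidate in WORST_2012:
                return candidate
    return None

def check_password(pw):
    """Return a list of problems; an empty list means the advice is met."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than eight characters")
    classes = {"upper case": str.isupper, "lower case": str.islower,
               "number": str.isdigit, "symbol": lambda c: not c.isalnum()}
    for name, test in classes.items():
        if not any(test(c) for c in pw):
            problems.append("no " + name)
    stem = listed_stem(pw)
    if stem is not None:
        problems.append("built on listed password '%s'" % stem)
    return problems

if __name__ == "__main__":
    # Constructed sample inputs; the pass-phrase and acronym are the page's own.
    for sample in ["password", "P@ssw0rd!", "Monkey2012!", "LotR",
                   "Eat Your *1 Greens!"]:
        print("%-22r %s" % (sample, check_password(sample) or "ok"))
```

"P@ssw0rd!" satisfies the length and character-mix rule yet is still flagged, because undoing the substitutions and dropping the trailing symbol leaves the first entry on the list.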

Using the same password on multiple websites is also bad practice, but how do you remember a different password or pass-phrase for every site that you log in to? If it's a real problem then there are password manager applications available.

The most important thing to remember is that your online identity depends on the security of your passwords. Imagine how embarrassed/devastated* you'd be if all your friends on Facebook saw a "like" by you to a porn site, or someone cleaned out your online bank account, or tweeted that you like reading chick lit when you're actually a 200lb bodybuilder. Review your passwords now!

* Delete as applicable