January 23, 2015
Recognize any passwords on this list?
Research pinpoints these as the most common, simplest and thus weakest passwords of 2014.*
They’re everything a password shouldn’t be: minimal, straightforward and painfully easy to guess – especially considering that experts predict immense growth in cyberattacks and hacking as technology continues to advance (see What to Expect for Enterprise Infrastructure in 2015).
It’s time for a password revolution.
These lists are based on more than 3.3 million leaked passwords from users in North America and Western Europe. Here are some tips for optimizing your password strength.
According to SplashData, the company behind these lists, passwords based on simple keyboard patterns (think: “qwertyuiop” or “123456”) are incredibly weak and yet remain popular among users who have been hacked. This holds true no matter how long they are (think: “qwertyuiopasdfghjkl” which is the first two rows of letters on a keyboard) – if they follow an obvious keyboard sequence, they aren’t secure.
It’s important to note that since 2011, “123456” and “password” have held their respective spots as the top two weakest passwords. Consistent changes to your password (though not at a rate that would eventually confuse you) can ensure security, even if the unthinkable occurs and your old password is leaked. If it’s hard for you to remember changing your passwords, consider using a password manager to help.
No matter how strong your password is, using the same one across multiple sites could spell disaster in the event of a cyberattack.
Two-factor authentication requires users to not only log in using a password, but also to complete an additional verification step. For example, after entering the correct password, you may also have to enter a 4-digit code sent to your mobile phone.
True, this might seem like a hassle, but it’s worth the extra couple seconds – especially if sensitive information is on the line (see Don’t Overlook Enterprise Security).
It turns out that names like “michael,” “jennifer,” “thomas,” “jordan,” “hunter,” “michelle,” “charlie,” “andrew,” and “daniel” are all in the top 50 most common names; and thus, make weak passwords.
While it might be a no-brainer to use your child’s (or pet’s) name… Experts maintain that if you’re going to do it, make sure you fortify it with good password techniques (below).