Password Security as Easy as 123456

Tuesday, January 21, 2014 @ 04:01 PM gHale

Passwords are the first line of defense in any computer system, but yet, there are still people that have the easiest passwords to decipher.

For the first time the password “password” ended up supplanted by 123456, according to SplashData’s annual list of the 25 most common passwords found on the Internet.

Starbucks Clears Up Password Fault
Quantum Physics for Computer Security
Math Model for Cyber Protection
Implementing ICS Digital Zone Separation

This year’s list felt the influence of a large number of passwords from Adobe users posted online by security consulting firm Stricture Consulting Group following Adobe’s well publicized security breach.

“Seeing passwords like ‘adobe123’ and ‘photoshop’ on this list offers a good reminder not to base your password on the name of the website or application you are accessing,” said Morgan Slain, SplashData chief executive.

“Another interesting aspect of this year’s list is that more short numerical passwords showed up even though websites are starting to enforce stronger password policies,” Slain said. New to this year’s list are simple and easily guessable passwords like “1234,” “12345,” and “000000.”

SplashData’s Worst Passwords of 2013:
1) 123456 (Up 1 from 2012)
2) password (Down 1)
3) 12345678 (Unchanged)
4) qwerty (Up 1)
5) abc123 (Down 1)
6) 123456789 (New)
7) 111111 (Up 2)
8) 1234567 (Up 5)
9) iloveyou (Up 2)
10) adobe123 (New)
11) 123123 (Up 5)
12) admin (New)
13) 1234567890 (New)
14) letmein (Down 7)
15) photoshop (New)
16) 1234 (New)
17) monkey (Down 11)
18) shadow (Unchanged)
19) sunshine (Down 5)
20) 12345 (New)
21) password1 (Up 4)
22) princess (New)
23) azerty (New)
24) trustno1 (Down 12)
25) 000000 (New)

This top 25 list came from files containing millions of stolen passwords posted online during the previous year. The company advises consumers or businesses using any of the passwords on the list to change them immediately, and suggests making passwords more secure with these tips:

Use passwords of eight characters or more with mixed types of characters. But even passwords with common substitutions like “dr4mat1c” can be vulnerable to attackers’ increasingly sophisticated technology, and random combinations like “j%7K&yPx$” can be difficult to remember.

One way to create more secure passwords that are easy to recall is to use passphrases. Use short words with spaces or other characters separating them. It’s best to use random words rather than common phrases. For example, “cakes years birthday” or “smiles_light_skip?”

Avoid using the same username/password combination for multiple websites. Especially risky is using the same password for entertainment sites that you do for online email, social networking, or financial service sites. Use different passwords for each new website or service you sign up for.

Having trouble remembering all those different strong passwords? Try using a password manager application that organizes and protects passwords and can automatically log you into websites.

Leave a Reply

You must be logged in to post a comment.