Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  
133,572 Happy Customers & Counting
Need tech support?
1300 769 448
Extended hours, 7 days a week
Home  /  geekspeak  /  We’re all still pretty bad at passwords

We’re all still pretty bad at passwords

So, what is your password?

No, don’t answer that. Really, please don’t. Partly because the whole point of a password should be that it’s a secret known only to you, but also because there’s increasing evidence that we’re still not much better at password security than we were last year.

Each year, SplashData (100-worst-passwords-top-50) puts out a report highlighting the worst — which is to say the least secure — passwords uncovered due to data breaches in that calendar year. 2018 has (sadly) been a bumper year for data breaches. That does have a minor upside, because companies are significantly more upfront about when they have some kind of data breach incident, but a much larger downside, because the results of their research are depressingly familiar reading if you’ve followed online security for any time at all.

So what were the top 10 worst passwords?

Well, if you’re using any of the following, stop it, right now:

  • 10 – iloveyou
  • 9 – qwerty
  • 8 – sunshine
  • 7 – 1234567
  • 6 – 111111
  • 5 – 12345
  • 4 – 12345678
  • 3 – 123456789
  • 2 – password
  • 1 – 123456

The worst password lists haven’t changed for years, because, ultimately, we all tend to use our computers to make our lives easier, and human beings are pretty hardwired to go for easy approaches. If it was just one hacker living somewhere on the planet manually typing in random passwords, that might work out OK, because the odds of that one dude hitting your account are going to be pretty low in a world of billions of online users.

The problem is that we’re not talking about facing off against one lone human with the same lazy traits as the rest of us. We’re talking about automated systems that approach the problem of cracking a password as simply a mathematical equation.

Easy to remember number sequences that just happen to be on the keyboard in line might seem like an elegant solution to remembering your passwords, but that also means they’re easy for miscreants to guess.

Not that they have to guess any more, because the vast majority of cracking attempts against password systems use automated approaches that can zip through every single dictionary word and keyboard number combination in a frighteningly short period of time.

This is also why using the same password across multiple sites, even if it isn’t “123456” or “password” is such a bad idea. Again, systems doing this kind of cracking will apply that password and email combination to as many services as it can hit in a few seconds, just to see what will work. All too often, it does, and suddenly you’re locked out of your email, buying sports cars in far eastern Russian bloc nations or finding your bank balance completely drained. Sometimes, while you sleep.

There’s a balance here, because nobody’s going to remember a 256 character password containing at least 50 different punctuation marks and at least one Japanese Hiragana character, but then, you really don’t have to. While it can seem as though the modern world is too complex with too many passwords to remember, you can use the approach of the crackers to help you. Which is not to say that you should counter-crack, but instead that you can use machine smarts, by way of a good password management application such as 1Password, Keepass or Dashlane to remember your passwords for you. They can generate complex passwords that you can often either paste or even auto-fill into services, and all you have to do is come up with a single, very strong password to keep those apps secure.

Yes, it’s a little bit of work to set up in the first place. But it’s a lot less work than recovering your finances, email, online social media accounts and everything else that could go wrong if you rely on a weak and common password like 123456.

Share

Recent News

Do you own a MacBook Pro? A lot of people do – in recent years while many manufacturers have struggled to expand their market share, Apple’s ridden a wave of iPhone popularity to sell folks on its MacBook line of laptop computers. They’re sold on the basis of Apple’s premium brand, and its general reputation… More 

The next generation of mobile connectivity has launched in Australia. 5G brings with it the promise of faster connection speeds, lower latency and all-new use cases for mobile data. Well… sort of. At a technical level, the 5G networks of Telstra and Optus have customers accessing data on them. However this is only under very… More 

At its WorldWide Developer Conference recently, Apple laid out its software vision for the next version of macOS. That’s the software that runs its Mac line of computers. If you’ve got an iMac, MacBook or a Mac Pro, the next version of macOS will functionally be macOS 10.15. You won’t see that version number too… More 

At the heart of every computer lies a processor of some kind, whether you’re talking the cheapest student laptop or the highest-end video rendering desktop. In the computing market there are two primary competing companies with serious investments in providing the processor that will run your next computer: Intel and AMD. Of the two, Intel… More