
We’re all still pretty bad at passwords

So, what is your password?

No, don’t answer that. Really, please don’t. Partly because the whole point of a password should be that it’s a secret known only to you, but also because there’s increasing evidence that we’re still not much better at password security than we were last year.

Each year, SplashData puts out a report highlighting the worst, which is to say the least secure, passwords uncovered due to data breaches in that calendar year. 2018 has (sadly) been a bumper year for data breaches. That does have a minor upside, because companies are significantly more upfront about when they have some kind of data breach incident, but a much larger downside, because the results of SplashData’s research are depressingly familiar reading if you’ve followed online security for any time at all.

So what were the top 10 worst passwords?

Well, if you’re using any of the following, stop it, right now:

  • 10 – iloveyou
  • 9 – qwerty
  • 8 – sunshine
  • 7 – 1234567
  • 6 – 111111
  • 5 – 12345
  • 4 – 12345678
  • 3 – 123456789
  • 2 – password
  • 1 – 123456

The worst password lists haven’t changed for years, because, ultimately, we all tend to use our computers to make our lives easier, and human beings are pretty hardwired to go for easy approaches. If it was just one hacker living somewhere on the planet manually typing in random passwords, that might work out OK, because the odds of that one dude hitting your account are going to be pretty low in a world of billions of online users.

The problem is that we’re not talking about facing off against one lone human with the same lazy traits as the rest of us. We’re talking about automated systems that approach the problem of cracking a password as simply a mathematical equation.

Easy-to-remember number sequences that just happen to sit in a line on the keyboard might seem like an elegant solution to remembering your passwords, but that also means they’re easy for miscreants to guess.

Not that they have to guess any more, because the vast majority of cracking attempts against password systems use automated approaches that can zip through every single dictionary word and keyboard number combination in a frighteningly short period of time.

This is also why using the same password across multiple sites, even if it isn’t “123456” or “password”, is such a bad idea. Again, systems doing this kind of cracking will apply that password and email combination to as many services as they can hit in a few seconds, just to see what will work. All too often, it does, and suddenly you’re locked out of your email, buying sports cars in far eastern Russian bloc nations or finding your bank balance completely drained. Sometimes, while you sleep.

There’s a balance here, because nobody’s going to remember a 256-character password containing at least 50 different punctuation marks and at least one Japanese Hiragana character, but then, you really don’t have to. While it can seem as though the modern world is too complex with too many passwords to remember, you can use the approach of the crackers to help you. Which is not to say that you should counter-crack, but instead that you can use machine smarts, by way of a good password management application such as 1Password, KeePass or Dashlane, to remember your passwords for you. They can generate complex passwords that you can often either paste or even auto-fill into services, and all you have to do is come up with a single, very strong password to keep those apps secure.

Yes, it’s a little bit of work to set up in the first place. But it’s a lot less work than recovering your finances, email, online social media accounts and everything else that could go wrong if you rely on a weak and common password like 123456.
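
As an added illustration (not part of the original article, and not code from any of the password managers named above), this Python sketch shows the kind of check a sign-up form can run to reject the passwords listed earlier and simple keyboard-row sequences, plus a random password generator that draws from the operating system's secure random source. The function names, the 12-character minimum and the US QWERTY keyboard rows are assumptions made for the example.

```python
import secrets
import string
from typing import Optional

# The ten worst passwords as listed in this article.
WORST_PASSWORDS = {
    "iloveyou", "qwerty", "sunshine", "1234567", "111111",
    "12345", "12345678", "123456789", "password", "123456",
}
# Keyboard rows used to spot "in a line on the keyboard" patterns
# (assumption: US QWERTY layout).
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")


def is_keyboard_run(password: str, min_len: int = 4) -> bool:
    """True if the whole password is a forward or backward slice of one keyboard row."""
    p = password.lower()
    if len(p) < min_len:
        return False
    return any(p in row or p in row[::-1] for row in KEYBOARD_ROWS)


def weakness(password: str, min_length: int = 12) -> Optional[str]:
    """Return the reason a password should be rejected, or None if no check fires."""
    p = password.lower()
    if p in WORST_PASSWORDS:
        return "on the worst-passwords list"
    if len(set(p)) == 1:
        return "one repeated character"
    if is_keyboard_run(p):
        return "keyboard row sequence"
    if len(password) < min_length:
        return "too short"
    return None


def generate_password(length: int = 20) -> str:
    """Generate a random password from letters, digits and punctuation using the OS CSPRNG."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Require every character class so common site composition rules are met.
        if (any(c.islower() for c in candidate)
                and any(c.isupper() for c in candidate)
                and any(c.isdigit() for c in candidate)
                and any(c in string.punctuation for c in candidate)):
            return candidate
```

Passing these checks only means the password avoids the most obvious patterns; reuse across sites is still a problem no matter how strong the password is.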

