The password minefield

How much thought do you give to setting up your passwords?

You’ll often find yourself being asked to change your password to one that combines letters, numbers and symbols, meets a certain length and hasn’t been used before. It’s hard to come up with secure passwords regularly, but it’s important.

No matter how many times people are warned about the dangers of using insecure or predictable passwords, it still happens.

Research by a password management software firm suggests that the most popular combination is still ‘123456’, with ‘123456789’ second. Easily guessed numbers made up eight of the top ten most commonly used combinations in 2016, including ‘111111’, ‘222222’, ‘333333’ etc. The word ‘password’ was at position 8.

Combinations such as ‘18atcskd2w’ or ‘3rjs1la7qe’ seem secure, right? Wrong. These more complex passwords are used repeatedly by bots when they set up dummy email accounts for spam and phishing attacks. Passwords made up of six or fewer characters are also susceptible to attack, as they can take just seconds to crack. It’s a minefield!

How to come up with a new secure password

  1. What about using a password manager or password generator app to produce a password for you? You could go down this route; it’s definitely more secure than using those mentioned above. The trouble is that algorithms are used in most cases to generate these codes, algorithms that are no doubt also used by clever scammers.
  2. Random word selection… Pick 3 completely unrelated words, book/tyre/kettle for example – look around you and outside for inspiration. Replace some of the letters with symbols and numbers. Due to the random nature of selection, this will make the password tougher to crack.
  3. Close your eyes and tap… An alternative is to tap keys across the keyboard at random without looking, using both hands and moving around the keyboard. The downside is that a password made this way may be harder for you to remember, but it will be totally randomly selected and harder to crack. Just as good as a password generator.

So how often should you change your password?

It depends on the level of risk. If you have access to customer, sensitive, monetary, secure or business-critical data that would be devastating in the wrong hands, then you should change your password monthly. If it’s Facebook or another social media platform, the risk may not be deemed as great. The choice here is up to you, as you won’t be prompted to change.

The no-nos

Below is a list of the top 25 researched predictable passwords of 2016. If yours is on this list, change it now!

  1. 123456
  2. 123456789
  3. Qwerty
  4. 12345678
  5. 111111
  6. 1234567890
  7. 1234567
  8. Password
  9. 123123
  10. 987654321
  11. Qwertyuiop
  12. Mynoob
  13. 123321
  14. 666666
  15. 18atcskd2w
  16. 7777777
  17. 1q2w3e4r
  18. 654321
  19. 555555
  20. 3rjs1la7qe
  21. Google
  22. 1q2w3e4r5t
  23. 123qwe
  24. Zxcvbnm
  25. 1q2w3e
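
A screening check built from the rules in this article, as an added example that is not part of the original post: it rejects candidates of six or fewer characters and entries on the top-25 list, and goes one step further by flagging the repeated-chunk and keyboard-walk patterns most of those entries share. The names `screen_password`, `TOP_25_2016` and `ROWS` are made up for this example, and the pattern rules are an assumption drawn from the list.

```python
# Added example: screen a candidate password with the rules from this article.
TOP_25_2016 = {
    "123456", "123456789", "qwerty", "12345678", "111111", "1234567890",
    "1234567", "password", "123123", "987654321", "qwertyuiop", "mynoob",
    "123321", "666666", "18atcskd2w", "7777777", "1q2w3e4r", "654321",
    "555555", "3rjs1la7qe", "google", "1q2w3e4r5t", "123qwe", "zxcvbnm",
    "1q2w3e",
}

# Keyboard rows used to spot "walks" such as qwerty or 987654321 (assumption:
# a standard QWERTY layout).
ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]


def _is_walk(s):
    """True if s runs along one keyboard row, in either direction."""
    return len(s) >= 3 and any(s in row or s in row[::-1] for row in ROWS)


def _is_repeated_chunk(s):
    """True if s is one shorter chunk repeated, e.g. '111111' or '123123'."""
    return any(len(s) % k == 0 and s == s[:k] * (len(s) // k)
               for k in range(1, len(s) // 2 + 1))


def screen_password(candidate):
    """Return the reasons to reject candidate; an empty list means none found."""
    pw = candidate.lower()  # 'Qwerty' and 'qwerty' are the same guess
    reasons = []
    if len(pw) <= 6:
        reasons.append("six or fewer characters")
    if pw in TOP_25_2016:
        reasons.append("on the 2016 top-25 list")
    if _is_repeated_chunk(pw):
        reasons.append("repeated chunk")
    # A zigzag such as 1q2w3e4r is two row walks interleaved.
    if _is_walk(pw) or (_is_walk(pw[::2]) and _is_walk(pw[1::2])):
        reasons.append("keyboard walk")
    return reasons


if __name__ == "__main__":
    # Constructed sample candidates, not real credentials.
    for sample in ["Qwerty", "1q2w3e4r5t", "0987654", "18atcskd2w", "b00k-tyre-k3ttle"]:
        print(sample, "->", screen_password(sample) or "no reason found")
```

An empty result only means none of these checks fired; ‘18atcskd2w’ is caught by the list alone, which is why pattern rules do not replace it.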
