A short time ago we posted a very popular blog entry entitled "Does Heaven Have A User Name And Password For You?" – which brought up the scary facts of what happens to your user names, passwords and other important stuff after you post your final status update. And as creepy as that look into the future was, there is another issue out there, and an excellent chance that right at this very moment you could be in password hell.
Last month, RockYou, a company that makes security software, was hacked and 32 million passwords were posted on the web. As part of the investigation to find the hacker, the passwords were analyzed and a startling realization was made – many people don’t need to be hacked to have their passwords figured out!
Believe it or not, one out of five Americans has an easily guessable password – the electronic equivalent of leaving the key under the doormat. Some famously popular ones are: abc123, iloveyou, qwerty, and of course, password. (What – no poiuyt?)
The second most popular one is 12345. And amazingly, the most popular password is used by 1% of the population!! That’s right – one out of a hundred people reading this message have the password of (drum roll please…..) 123456.
Why do people use such easy-to-guess passwords? Security experts say that we are overwhelmed by the amount of data we need to keep in our heads and go for simplicity. With ATMs, PINs, and multiple websites being used by most of us, it is estimated that we now use ten times as many passwords as we did just a decade ago. So while simplicity is usually good, guessable passwords are causing hacking, credit card abuse and serious crimes such as identity theft in record numbers.
- Mix letters, numbers and even symbols in your passwords
- Don’t use real words or anything that can be guessed
- Have at least two different passwords – a simpler one for low security items and a more complex one for high security things such as banks and emails
- In cases where more than one person will know a password (such as your dental office software or office alarm system) don’t set it up with a variation of your personal passwords
Jeff Moss, founder of a hacking conference and a current member of the Homeland Security Advisory Council, relies on passwords at least 12 characters long, figuring that those make him a more difficult target than the millions of people who choose five- and six-character passwords.
“It’s like the joke where the hikers run into a bear in the forest, and the hiker that survives is the one who outruns his buddy,” Mr. Moss said. “You just want to run that bit faster.”
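As an added example (not part of the original post), here is a short Python check that applies the tips above: the 12-character length Mr. Moss relies on, mixing letters and numbers, the guessable passwords named in this post, and the warning about shared passwords that are variations of a personal one. The character-swap table, the helper names and the sample passwords are assumptions constructed for illustration.

```python
import re

# Guessable passwords named in this post.
COMMON = {"123456", "12345", "abc123", "iloveyou", "qwerty", "password"}
MIN_LENGTH = 12  # the length Jeff Moss is quoted as relying on

# Assumed table of common character swaps, so "P@ssw0rd" compares as "password".
LEET = str.maketrans("@4310$5!7", "aaeiossit")

def normalize(pw):
    """Reduce a password to its letter core: lowercase, drop digits/symbols
    tacked onto either end, undo character swaps, drop what is left over."""
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", pw.lower())
    return re.sub(r"[^a-z]", "", core.translate(LEET))

def check_password(pw):
    """Return a list of problems; an empty list means the checks passed."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("too short")
    if not (re.search(r"[A-Za-z]", pw) and re.search(r"[0-9]", pw)):
        problems.append("needs letters and numbers")
    # A decorated common password ("Password1!") is still guessable.
    if pw.lower() in COMMON or normalize(pw) in COMMON:
        problems.append("guessable")
    return problems

def is_variation(shared, personal):
    """True if a shared password is built on the same core as a personal one."""
    a, b = normalize(shared), normalize(personal)
    if len(a) < 4 or len(b) < 4:  # too little left to compare cores
        return shared.lower() == personal.lower()
    return a in b or b in a

if __name__ == "__main__":
    # Constructed sample passwords, not taken from any real data set.
    for pw in ["123456", "P@ssw0rd2024!", "Tq7#vLm2!xRb9w"]:
        print(pw, "->", check_password(pw) or "ok")
    print(is_variation("molartiger2024", "Mol4r-Tiger!92"))
```

The second sample is long and mixed, yet it is still flagged because its core is a password from the guessable list.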
TIP: Check out LastPass Password Manager (www.lastpass.com) – a free site that will help you manage your newly complex passwords. The only problem is – how will you remember your password to get into LastPass?