Search This Blog

Thursday, December 22, 2011

25 Worst Passwords of 2011

Is your password in the silliest list?

Internet security firm SplashData created the rankings of the 25 most idiotic passwords based on millions of stolen passwords posted online by hackers. Here is the complete list:
  • 1. password
  • 2. 123456
  • 3.12345678
  • 4. qwerty
  • 5. abc123
  • 6. monkey
  • 7. 1234567
  • 8. letmein
  • 9. trustno1
  • 10. dragon
  • 11. baseball
  • 12. 111111
  • 13. iloveyou
  • 14. master
  • 15. sunshine
  • 16. ashley
  • 17. bailey
  • 18. passw0rd
  • 19. shadow
  • 20. 123123
  • 21. 654321
  • 22. superman
  • 23. qazwsx
  • 24. michael
  • 25. football

In England, names of popular football teams (arsenal, liverpool) are also highly vulnerable.

SplashData CEO Morgan Slain urges businesses and consumers using any password on the list to change them immediately.

“Hackers can easily break into many accounts just by repeatedly trying common passwords,” Slain says. “Even though people are encouraged to select secure, strong passwords, many people continue to choose weak, easy-to-guess ones, placing themselves at risk from fraud and identity theft.”

Tips: 

Short words should be separated with symbols, eg. let##me%in/? is a whole sight stronger than letmein.  Underscoring the spaces works, too.

Avoid using info that is readily available, such as your address, your birthdate, or your social security number.

Make your passwords at least 8 characters long, mixing upper and lower case, and adding symbols if the site allows it

Don't use the same password for multiple sites.  H'm, that's a hard one for me ...  However, there are password manager apps to help you remember what password works for which site, and SplashData (of course) has one available.

No comments: