Mobile password management firm SplashData has released its annual list of the 25 most common passwords found on the internet, finding that ‘123456’ has knocked the 2012 winner ‘password’ off the dubious number one slot.
The other ‘winners’ are:
|Rank||Password||Change from 2012|
SplashData’s CEO Morgan Slain notes that an ‘interesting aspect of this year’s list is that more short numerical passwords showed up even though websites are starting to enforce stronger password policies’. He also noted that ‘Seeing passwords like “adobe123” and “photoshop” on this list offers a good reminder not to base your password on the name of the website or application you are accessing’.
It is truly enough to make any security professional cry. Fortunately, help is at hand…
Some advice on choosing a secure password
Okay, we have all been told this often enough to make us want to pull our hair out – we should use long complex passwords, with combinations of standard letters, capitals and numbers… and we should use a different such password for each service we use… arrgh! Given that many of us find remembering our own name in the morning challenging (as this survey clearly shows), this kind of advice can be considered next to useless.
There are, however, some fairly easy methods you can use to help improve your password security…
Low tech solutions
- Insert a random space into your password – this simple measure greatly reduces the chances of anyone cracking your password. Not only does it enlarge the set of possibilities a cracker has to work through, but most would-be crackers assume that passwords consist of one contiguous word, and therefore concentrate their efforts in that direction.
- Use a phrase as your password – even better, this method lets you add lots of spaces and use many words in an easy to remember manner. Instead of having ‘pancakes’ as your password, you could have ‘I usually like 12 pancakes for breakfast’, which immensely increases your security.
- Use more than 4 digits in your PIN – where possible, use more than four digits for your PINs. As with adding an extra space to words, this makes the code mathematically much harder to break, and most crackers work on the assumption that only 4 digits are used.
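To put numbers on the three tips above, here is a small added example (not from SplashData or the original article) that flags the weak choices the article names and estimates how many guesses a blind character-by-character search would need. The bit counts assume that kind of search only, so they are an upper bound: a phrase made of common words is weaker against word-based guessing than the figure suggests. The function names are illustrative.

```python
import math
import string

# Passwords this article names from the 2013 list (not the full list of 25).
NAMED_IN_ARTICLE = {"123456", "password", "adobe123", "photoshop"}

def charset_size(secret):
    """Size of the smallest ASCII character pool that covers the secret."""
    size = 0
    if any(c in string.ascii_lowercase for c in secret):
        size += 26
    if any(c in string.ascii_uppercase for c in secret):
        size += 26
    if any(c in string.digits for c in secret):
        size += 10
    if " " in secret:
        size += 1
    if any(c in string.punctuation for c in secret):
        size += len(string.punctuation)  # 32 symbols
    return max(size, 1)  # non-ASCII characters are not modelled here

def brute_force_bits(secret):
    """log2 of the guesses needed to try every string of this length and pool."""
    return len(secret) * math.log2(charset_size(secret))

def review(secret, service=""):
    """Return findings for a candidate secret; an empty list means none raised."""
    findings = []
    lowered = secret.lower()
    if lowered in NAMED_IN_ARTICLE:
        findings.append("named in the article as a most-common password")
    if service and service.lower() in lowered:
        findings.append("contains the name of the service it protects")
    if secret.isdigit() and len(secret) <= 4:
        findings.append("numeric code of four digits or fewer")
    return findings

if __name__ == "__main__":
    # Constructed candidates taken from the article's own examples.
    samples = [("123456", ""), ("adobe123", "Adobe"), ("pancakes", ""),
               ("pan cakes", ""), ("1234", ""),
               ("I usually like 12 pancakes for breakfast", "")]
    for secret, service in samples:
        print(f"{secret!r:45} {brute_force_bits(secret):6.1f} bits  "
              f"{review(secret, service)}")
```

Each extra bit doubles the number of guesses, so the single space in ‘pan cakes’ and the two extra digits in a six-digit PIN both show up directly in the output.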
High tech solutions
Where mortals fear to tread, software developers jump in with both feet! There is a plethora of password management programs available, but our picks of the bunch are:
- Firefox password manager – the password manager built into Firefox is one of the easiest ways to store your passwords for each website you visit, and it works very well. Do be aware, however, that you should set a master password to prevent just anyone peeking at your passwords in Firefox’s options dialogue. In addition to this, it is probably a good idea to back up your Firefox passwords every now and again.
- KeePass (multi-platform) – this popular free and open source password manager will generate complex passwords for you and store them behind AES or Twofish encryption. It is a shame that KeePass doesn’t integrate with your browser, but it is possible to import saved Firefox passwords into it. KeePass itself is Windows only, but KeePassX is an open source clone for OS X and Linux, as are iKeePass for iOS and Keepass2Android for Android.