NEWS: Are your Pa55word5 good enough? Part 1
Many of us now have to deal with passwords for a large number of different systems, be it work systems, email, CRM, banking, eBay, PayPal etc. Isn’t modern technology great? In part two of this article we’ll cover better ways of dealing with the number of passwords. In the interim, let’s look at some best practices for improving the passwords we are currently using.
Here’s a list of the most common passwords. Hopefully you don’t have any of these?
| Most common passwords | | |
|---|---|---|
| 123456 | 123456789 | qwerty |
| 12345678 | 111111 | 1234567890 |
| 1234567 | password | 123123 |
| 987654321 | qwertyuiop | mynoob |
| 123321 | 666666 | 18atcskd2w |
| 7777777 | 1q2w3e4r | 654321 |
| 555555 | 3rjs1la7qe | |
| 1q2w3e4r5t | 123qwe | zxcvbnm |
| 1q2w3e | | |
Use different passwords
The worst thing you can do, aside from telling other people your password, is to use just one password for everything. If you or one of your sites is compromised, then you may have just lost control of your life!
BTW, it amazes me that some sites and services still store passwords in a format allowing support staff to read them back to you! Imagine if you also used that as your banking password!
Use Strong passwords
- Be creative. Make them easy for you to remember but hard to guess.
- Many systems require 8 characters, but use as many as you can handle.
- Include upper and lower case, numbers and symbols. The easiest method is to substitute numbers and symbols for letters, such as $ for S and @ for A.
- Use phrases or sentences such as: SuperE@syEm@ilP@ssw0rd2Remember
- Misspelled words make strong passwords.
- Try phonetic structures where you sound out the password “in your head”: CRE8BtrPwrd4Email
What to avoid
Avoid using names, places and dictionary words.
If your password uses personal information, much of this is available on social media. Worse still, some systems require you to answer questions in case you forget your password. These questions tell the hacker what information to go look for online.
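The checks from "Use Strong passwords" and "What to avoid", written as an added Python example (not part of the original article). The `check_password` function, the `UNSUB` substitution map beyond `$` and `@`, and the "John Smith" sample are constructed assumptions; the common-password set is copied from the table above.

```python
import re

# Common passwords copied from the table in this article.
COMMON = {
    "123456", "123456789", "qwerty", "12345678", "111111", "1234567890",
    "1234567", "password", "123123", "987654321", "qwertyuiop", "mynoob",
    "123321", "666666", "18atcskd2w", "7777777", "1q2w3e4r", "654321",
    "555555", "3rjs1la7qe", "1q2w3e4r5t", "123qwe", "zxcvbnm", "1q2w3e",
}

# Assumption: map that undoes look-alike substitutions, so "P@ssw0rd" is
# compared as "password". The article names only $ for S and @ for A.
UNSUB = str.maketrans({"$": "s", "@": "a", "0": "o", "3": "e", "1": "i"})

CLASSES = {
    "upper case": r"[A-Z]", "lower case": r"[a-z]",
    "number": r"[0-9]", "symbol": r"[^A-Za-z0-9]",
}


def check_password(password, personal_info=(), min_length=8):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    lowered = password.lower()
    plain = lowered.translate(UNSUB)

    # Exact match against the list, both as typed and with substitutions undone.
    if lowered in COMMON or plain in COMMON:
        problems.append("on the most-common list")
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    for name, pattern in CLASSES.items():
        if not re.search(pattern, password):
            problems.append(f"no {name}")

    # Names and places stay recognisable after substitution, so look for
    # them in both the typed form and the un-substituted form.
    for item in personal_info:
        token = item.lower().replace(" ", "")
        if len(token) >= 3 and (token in lowered or token in plain):
            problems.append(f"contains personal information: {item}")
    return problems


if __name__ == "__main__":
    # Constructed samples; the last one is the phrase example from the article.
    for pw in ("qwerty", "P@ssw0rd", "SuperE@syEm@ilP@ssw0rd2Remember"):
        print(pw, "->", check_password(pw) or "passes these checks")
```

Pass the names, towns and dates from your own public profiles as `personal_info`, since those are what a password-reset question points an attacker towards.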
Related tips:
- Use two-factor authentication (2-step verification) for important systems. This usually requires a username, password and a code sent to your mobile phone.
- Emails asking you to re-enter your password are most likely a phishing scam. Avoid clicking on links in emails.
- Protect phones and tablets with a password or fingerprint, because most apps will let anyone who finds or steals them straight into your data.
- Log off devices once you’re finished.