Stop using ‘Password’ as a password

Password management security company SplashData recently released its annual Worst Passwords List for 2015. You would think that internet users are getting a bit more sophisticated over time and thus moving away from insecure passwords like ‘123456’ or ‘password’.

However, that does not seem to be the case – both passwords continue to reign supreme as the most commonly used passwords since 2011. Other passwords that have made it into this wall of shame include trustno1, batman, 696969, superman and qwerty, among others. We suspect that internet users are eagerly awaiting the release of a specific film.

To be effective, passwords should be complicated and unique – a basic guideline is to form a password using 8 characters from a mix of alphanumerics and special symbols.
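A small checker for the guideline above, as an added example that is not part of the original article. It assumes the 8 characters are a minimum length and that a worst-list password with digits or symbols tacked onto either end is still weak; the function names are hypothetical.

```python
import string

# Passwords the article names from SplashData's 2015 list.
WORST_PASSWORDS = {"123456", "password", "trustno1", "batman",
                   "696969", "superman", "qwerty"}
MIN_LENGTH = 8  # the article's basic guideline, treated here as a minimum (assumption)


def _variants(password):
    """Lowercased forms with padding stripped from both ends (assumed normalisation)."""
    lowered = password.lower()
    return {lowered.strip(string.punctuation),
            lowered.strip(string.punctuation + string.digits)}


def check_password(password):
    """Return the reasons a password fails; an empty list means it passes."""
    problems = []
    if password.lower() in WORST_PASSWORDS:
        problems.append("on the worst-passwords list")
    elif _variants(password) & WORST_PASSWORDS:
        problems.append("a worst-list password with digits or symbols added")
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    if not any(c.isalpha() for c in password):
        problems.append("no letters")
    if not any(c.isdigit() for c in password):
        problems.append("no digits")
    if not any(c in string.punctuation for c in password):
        problems.append("no special symbols")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real account.
    for candidate in ["123456", "trustno1", "Password1!", "Teapot^Lantern^Kite82"]:
        print(candidate, "->", check_password(candidate) or "ok")
```

Note that ‘Password1!’ satisfies the length and character-mix guideline on its own; only the blocklist comparison catches it.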

Some corporations have also implemented a policy forcing their staff to update their passwords on a regular basis. Although this might seem rather tedious, in light of recent data breaches at major corporations, such precautions would go a long way to help increase IT security.

As System Administrators, we have been receiving the brunt of most complaints when users are forced to update their password again.

“I’m running out of passwords”
“Why can’t I recycle an older password?”
“Do we really have to change so often?”
“Aiyah, why do we need special characters?”

 


THE PROBLEMS WITH STRONG PASSWORDS

  1. You start to run out of ideas. How do you come up with a strong password without resorting to one that has been featured in the wall of shame?
  2. You have a good password but it’s difficult to remember it. How do you keep track of each unique password for your various accounts, especially if you need to update your passwords regularly?

 

TIP 1: Combine a set of words using special characters before tagging it with a number.

You can make use of a catch phrase from your favourite movie or a line from your favourite song.

With this, you’re getting combinations like ‘Bond^James^Bond07’ or ‘I$Am$Groot44’.


If the phrase is a tad too long, let’s abbreviate it instead, e.g. WtwnniL77 (a.k.a. What The World Needs Now Is Love).

Can’t think of a movie quote or a song? Don’t beat yourself up over it. Simply pick two of your favourite items and apply the same tactic. It could be your favourite online game or TV show.

With this, you’re getting combinations like Pizza(Spotify45 or Friends#Lions33.

TIP 2: Use a password manager to store your uniquely created passwords.

Password managers like LastPass or Dashlane are able to store and key in your login details. Some of these applications will also act as a first layer of security by sending you notifications if you are using a password.

These password managers will encrypt your password database, providing you with something akin to an exclusive master key. All of the encryption will take place locally; these applications will not have any access to your master key. This means that if their servers were hacked (*touch wood*), your database would remain out-of-reach. That said, you might want to think twice before using any of these passwords featured here as a master key.

There are various applications to pick from; some offer basic services for free. We’ll take a closer look at some of them soon!

Author

Nora Fong
