’123456′ defeats ‘password’ in battle for online security popularity
Passwords are a nightmare to remember, but the solution isn’t to pick something easily guessable.
Research from password management company SplashData has discovered that the majority of people undermine their online security with generic codes, and company CEO Morgan Slain highlights these failures.
Are we changing our habits at all?
The main trends are that short numerical passwords are continuing to show up, even though more sites are requiring stronger alphanumeric passwords. Passwords like “adobe123″ and “photoshop” showing up from the Adobe breach highlight the risks of basing a password on the app or website you are logging into.
What proportion of us are using insecure passwords?
According to some work our security researcher did:
- 8.5 percent of users have the passwords password or 123456;
- 9.8 percent have the passwords 123456 or 12345678
- 14 percent have a password from the top 10 passwords
- 40 percent have a password from the top 100 passwords
- 79 percent have a password from the top 500 passwords
- 91 percent have a password from the top 1,000 passwords
How much are these bad passwords costing us?
This is really difficult to estimate.
Everything needs a password these days. How are we supposed to remember them all?
The simplest answer here really is to use a password manager like SplashID Safe. Otherwise, it’s difficult or impossible to remember dozens of unique strong passwords. The pass-phrase tip from the release is also valuable. Not enough people take advantage of this easy trick. One way to create more secure passwords that are easy to recall is to use pass-phrases – short words with spaces or other characters separating them. It’s best to use random words rather than common phrases. For example, “cakes years birthday” or “smiles_light_skip?”