Tech & The Web

Lousy Passwords Continue to Confound Security Experts

The annual list of lousy passwords is out and many of the same poor choices continue to make up the worst of the worst.

Year after year, cybersecurity experts warn people to use strong passwords to protect their online identity, but year after year, lousy passwords keep popping up.

The worst password of 2017 is “123456.” It was also the worst password of 2016, but for some reason, people still don’t seem to get the message that it’s a bad choice if you want to protect your online identity from prying eyes.

Among last year’s lousy passwords, only two were actually words: password and qwerty, both of which ranked in the 10 worst.

In 2017, password jumped to 2nd place and querty jumped to 4th. Letmein ranked 7th place, football ranked 9th and iloveyou ranked 10th. Check out the full list of the top 25 here.

The remaining contenders for the 10 worst were all numeric. But just in time for The Last Jedi, the password starwars made the list of the 25 worst passwords at 16th place.

Experts say that a strong password consists of at least six characters that are a good combination of letters, numbers and symbols — the more characters that the password contains, the stronger the password. Some security experts recommend using a phrase as your password instead of just one word. (And if you can mix in random special symbols and numbers through the phrase, your password is that much more secure.)

One problem, though, with having to maintain stronger passwords is that it becomes more difficult to remember them, since security experts also say you should not use the same password on different platforms and accounts.

I use a web plugin called LastPass, which stores passwords; it can also generate random, complicated passwords for you, then store them so you don’t have to remember them. I generally set my own passwords, but I do tend to create complicated passwords for myself.

If your password is on the list, please do yourself a favor and change it: sooner or later, someone’s going to get into an account you don’t want them to see, and if it happens, you’ll have only yourself to blame for it.

Leave a Response

We'd love to hear from you, but remember all comments must be respectful. We reserve the right to remove comments that do not follow our comment guidelines. Click here to review our comment policy.

Your name, as provided, will display on the website with any comment you leave. Your email address and your browser’s IP address does not display publicly and we do not share or sell your email address or IP address to anyone.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Patrick is a Christian with more than 27 years experience in professional writing, producing and marketing. His professional background also includes social media, reporting for broadcast television and the web, directing, videography and photography. He enjoys getting to know people over coffee and spending time with his dog.