Lousy Passwords Continue to Confound Security Experts
The annual list of lousy passwords is out and many of the same poor choices continue to make up the worst of the worst.
Year after year, cybersecurity experts warn people to use strong passwords to protect their online identity, but year after year, lousy passwords keep popping up.
The worst password of 2017 is “123456.” It was also the worst password of 2016, but for some reason, people still don’t seem to get the message that it’s a bad choice if you want to protect your online identity from prying eyes.
Among last year’s lousy passwords, only two were actually words: password and qwerty, both of which ranked in the 10 worst.
In 2017, password jumped to 2nd place and querty jumped to 4th. Letmein ranked 7th place, football ranked 9th and iloveyou ranked 10th. Check out the full list of the top 25 here.
The remaining contenders for the 10 worst were all numeric. But just in time for The Last Jedi, the password starwars made the list of the 25 worst passwords at 16th place.
Experts say that a strong password consists of at least six characters that are a good combination of letters, numbers and symbols — the more characters that the password contains, the stronger the password. Some security experts recommend using a phrase as your password instead of just one word. (And if you can mix in random special symbols and numbers through the phrase, your password is that much more secure.)
One problem, though, with having to maintain stronger passwords is that it becomes more difficult to remember them, since security experts also say you should not use the same password on different platforms and accounts.
I use a web plugin called LastPass, which stores passwords; it can also generate random, complicated passwords for you, then store them so you don’t have to remember them. I generally set my own passwords, but I do tend to create complicated passwords for myself.
If your password is on the list, please do yourself a favor and change it: sooner or later, someone’s going to get into an account you don’t want them to see, and if it happens, you’ll have only yourself to blame for it.