fbpx

Don’t wait any longer. Get started today!

 
 

Directive Blogs

Directive has been serving the Oneonta area since 1993, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Protect Yourself with Secure Passwords

Despite the increasingly vast trust we put into the Internet to keep our personal and business information safe and secure, many users take their passwords very lightly. In an analysis studying over 32 million passwords from RockYou, a company that develops software for social networks, it's been discovered just how little effort is put in to keep things secure. The results are shocking.

Most Common Passwords used on RockYou:

  1. 123456
  2. 12345
  3. 123456789
  4. password
  5. iloveyou
  6. princess
  7. rockyou
  8. 1234567
  9. 12345678
  10. abc123
  11. nicole
  12. daniel
  13. babygirl
  14. monkey
  15. jessica
  16. lovely
  17. michael
  18. ashley
  19. 654321
  20. qwerty
  21. iloveu
  22. michelle
  23. 111111
  24. 0
  25. tigger
  26. password1
  27. sunshine
  28. chocolate
  29. anthony
  30. angel
  31. FRIENDS
  32. soccer
Source: Imperva

RockYou has been criticized in the past for having poor privacy practices. An unknown hacker managed to get in and steal millions of user accounts and passwords, and then posted them on the Internet publicly (This goes to show you that website security is extremely important, especially if you allow your visitors and clients to access your site). Imperva, a company that develops software for preventing hackers and has been running studies like this for over a decade, took the list and put together the top 32 most used passwords. Imperva states that the data set from RockYou is pretty similar to the rest of the Internet.

123456

If anyone remembers that infamous scene in the film 'Space Balls' where Mel Brooks recites the password (12345) that gives him access to an entire planet, he shrugs off the fact that it's also the same password as his luggage. The joke isn't very far off, since the study shows that '123456' represents 1% of passwords used. Of course, right up there on the list is '12345,' the creative adaptation '654321,' and of course the nefarious 'password.' In fact, 20% of the 32 million people used a tiny pool consisting of 5,000 passwords. A hacker could easily fire off thousands of password guesses in a matter of minutes, meaning these users might as well not have a password in the first place.


The problem branches out much further, however. RockYou, as mentioned, had insufficient privacy restrictions and security. Email addresses and some other information came bundled with each password that the hacker posted. How many times do you use the same password? It's not a complete shot in the dark to assume that the user has the same password for their email, their online bank accounts, their paypal account, and so forth.

Source: Space Balls, MGM

Best Practice

If it isn't obvious, having a secure password matters. Use a combination of letters and numbers, and if the site gives you the option to enter 6-18 characters, don't be compelled to stop on the sixth. Don't use common words, names, or sequential numbers, and always combine numbers with letters (and symbols if possible). Some sites won't allow you to pick common passwords, and others may take action to block an account if too many incorrect guesses are made, but the real line of defense is having a strong password for each account. At least have two or three so your email, bank accounts, and social networking sites are all using separate passwords, although it's best to have a different password for each account, just in case.

Next time, I'll show you a few ways to keep track of your passwords securely.