The recent spate of social network and website hackings is a timely reminder to take a second look at your password selection habits.
ESET posted this list of passwords after Yahoo Voices was hacked earlier this month found these to be the most popular passwords among the 450,000 accounts breached:
- 123456 = 1666 (0.38%)
- password = 780 (0.18%)
- welcome = 436 (0.1%)
- ninja = 333 (0.08%)
- abc123 = 250 (0.06%)
- 123456789 = 222 (0.05%)
- 12345678 = 208 (0.05%)
- sunshine = 205 (0.05%)
- princess = 202 (0.05%)
- qwerty = 172 (0.04%)
Hopefully you aren’t using anything as obvious as one of the above! Are you?!
This is how I feel whenever I talk about password policies. pic.twitter.com/E99hfSsEyg
— Mark Burnett (@m8urnett) April 11, 2022
Logical sequences like patterns on a keyboard, names of yourself and loved-ones, dates-of-birth, even seemingly random chains of words that can be looked up in a dictionary can all be hacked quite easily with automated processes.
At the very least you should be using a combination of lower and uppercase letters, numbers and symbols (!,#,$,%, etc.) in your passwords.
Also using the same password for every site is not a good idea – if one gets hacked all the others can be potentially accessed too. After all, if someone has an account on a service like GMail, Hotmail, Yahoo!, LinkedIn, Facebook or Twitter, chances are they are using at least one of the others.
Changing passwords regularly every few months is also highly recommended.
As a precaution, do not click on links in emails that ask you to log in to a website since they may well be phishing scams. Always enter the URL of the site in question directly into your browser window and log in from there.
We hope these few short pieces of advice help you stay more secure online.
Stuck for ideas? Here’s a fun, short video from the security team at Mozilla with some hints on how to choose a stronger password.