Look into my eyes, the eyes, not around the eyes, look into my eyes… you’re under. You must change your useless password from ‘123456’ to something tougher to crack. Three, two, one… you’re back in the room.
As obvious as that advice might seem, around half of us use the same (or very similar) passwords for all the websites we log into. But worse than that, many of these passwords are weak and easy to guess.
I won’t lie, I only use around four passwords for all my online accounts. And I don’t change them anywhere near as often as I should – though I do like to think that they each sport a relatively secure combination of characters. But not everyone’s that careful.
Password = ‘password’
Data security firm Imperva has found that almost a third of us use passwords with six characters or less. And then around half bring names, slang words, dictionary words or ‘trivial’ passwords (such as adjacent keyboard keys) into play.
It’s these trivial passwords that are the most shocking, with the ten most common weak online passwords (based on leaked details from rockyou.com) being the following: 123456, 12345, 123456789, Password, iloveyou, princess, rockyou, 1234567, 12345678, and abc123.
Sure, rockyou.com may not be as important to keep secure as your online bank account, but come on, make an effort! Our principal money researcher Martyn Saville had this to say about the discovery:
‘This research is breathtaking. If you’re going to use a password like “123456” or “password”, you might as well tattoo it on your forehead. There are enough threats to our online security around without making it so easy for fraudsters to steal your identity and your cash.’
How to secure your password
So, what should you do to create secure passwords when you’re online? If possible, use a different password for each website you visit (though I understand that it may be hard to remember all of them). Use a combination of numbers and letters, upper and lower case and even special characters (such as &%$£_). Avoid words that someone close to you could guess (like family names, birthdays, or nicknames).
And here’s a savvy tip from security expert Bruce Schneier:
‘Take a sentence and turn it into a password. Something like “This little piggy went to market” might become “tlpWENT2m”. That nine-character password won’t be in anyone’s dictionary.’
So what’s the most un-secure password you’ve used? Oh, and only reveal your rubbish password if you’re no longer using it. I didn’t need to tell you that did I?