Are you using an easily-guessed password?

Updated
password box
password box



Would you use the password 123456? It's hard to believe, but this actually tops the list of last year's most common passwords, being used by a staggering 17% of users. Other beauties in the top ten include 'qwerty', '11111' and 'password'.

More than half of people use one or more of the top 25.

As Keeper Security, which compiled the list, concludes: "a sizable minority are never going to take the time or effort to protect themselves."

Some people think they're being clever by picking, for example, '987654321' - but this is unlikely to do little to baffle any fraudsters.

"Dictionary-based password crackers know to look for sequential key variations," says Keeper. "At best, it sets them back only a few seconds."

The more random passwords on the list - 18atcskd2w, for example - are believed to have been use by bots, probably for posting spam on chat boards.

Whatever else you leave in your will - don't forget your passwords

If you're using any of these passwords yourself, it goes without saying that you should change it. But what should you change it to?

Best advice is to create a password with a mix of uppercase and lower case letters, along with numbers and typographical characters such as '&' or '+'.

Avoid ordinary English words: fraudsters typically try a range of common passwords first, then start working through the dictionary. And you should never use anything that could be guessed from Facebook or elsewhere, such as the name of a pet or a favourite sports team.

One clever trick is to generate a password from a sentence you're sure to remember: 'my rent at home is £500 a month', for example, becomes 'mr@hi£500am', for example.

Don't use the same password across multiple sites: if one site is cracked by hackers, they'll try the same password on other accounts.

Don't keep changing your password, advises GCHQ

But there's some disagreement as to whether you should change your passwords regularly - something that used to be generally advised. Last year, security service GCHQ said it can be dangerous, because our memories simply aren't up to the job.

"The new password is... more likely to be written down, which represents another vulnerability," it says.

"New passwords are also more likely to be forgotten, and this carries the productivity costs of users being locked out of their accounts, and service desks having to reset passwords."

Of course, you can always use a password manager, such as Keeper's own.

Why are we still telling people our passwords?

The top 25 most common passwords of 1016

1. 123456
2. 123456789
3. qwerty
4. 12345678
5. 111111
6. 1234567890
7. 1234567
8. password
9. 123123
10. 987654321
11. qwertyuiop
12. mynoob
13. 123321
14. 666666
15. 18atcskd2w
16. 7777777
17. 1q2w3e4r
18. 654321
19. 555555
20. 18atcskd2w
21. google
22. 1q2w3e4r5t
23. 123qwe
24. zxcvbnm
25. 1q2w3e



Advertisement