Would you leave the keys to your brand new car in the ignition with the doors unlocked, making it easy for a thief to hop in and drive away? We’re guessing the answer is no, yet many of you are doing exactly that when it comes to the passwords you choose. Don’t believe us? Consider a review of the most common passwords used in 2016 done by the IT security experts at Keeper Security. Their analysis of passwords that were exposed through one of the many recent data hacks revealed some very interesting things:
- The most frequently used passwords don’t seem to change much year over year. That is especially problematic because lists of passwords are regularly being released by hackers, so it becomes very easy for cybercriminals to quickly identify common passwords. And if you happen to use one of these insecure passwords, it’s only a matter of time before your account is breached.
- Many users are lazy (let’s just call it like it is) and unless a website specifically prohibits them from doing so, they will create short, weak passwords that are easy for them to remember (and equally easy for hackers to crack). While it’s easy to blame the users, this is just as much of an administrator problem as anything. If website operators don’t allow these types of passwords to be used, then users will be forced to use stronger passwords. So if you manage your company’s website (or other secure programs), make sure you are holding your users accountable and requiring strong passwords.
- Seemingly random passwords (that are provided to you by websites or email providers when you first enroll, for example) may not be as random as you’d like to think they are, as they seem to arise much more frequently than truly random passwords would. It might seem obvious, but ALWAYS change this password the very first time you log in, especially if you are an administrator.
You’ll never be able to keep everyone and everything 100% safe, but by taking a few simple precautions, you can significantly reduce your risk. And to everyone who says they can’t keep up with all the strong passwords for the various programs, systems and websites that require login credentials, we once again encourage you to invest in a password manager. For a nominal charge, you can store all your passwords in one secure location in the cloud and all you need to do is be able to remember a single strong password to protect all the rest.
Don’t leave the keys to your IT castle unsecured in 2017. Start the new year off right with the use of strong passwords.