I'm late to the party. Fancy not realising it's World Password Day! Well, I'm not going to let the fact that it's 5pm stop me bashing out a quick blog post on the subject of passwords.
So... passwords... they're like a***holes. We've all got one. And in some cases I mean that quite literally. Some of us seem to only have one. Password that is. Not the other... moving on.
59% of people apparently, more than half(!!) of you use the same password for everything! Unbelievable. Talk about giving the criminals an easy ride! Please, take my money!!! And whilst that number is very high, it seems that almost everyone knows that this is a bad thing! So why do it? Well, in a word, "convenience".
Who needs the hassle of remembering multiple passwords
I agree with this, I don't need to be having the grief of thinking up new passwords for every service. I've got better things to do. So what do I do? I use a password manager app. There's plenty of them out there. Just Google it. There's online managers, offline managers... I'm sure I already wrote a post referencing a couple of good ones.
Reach out to me if you want to talk about it, I'm not going to get into features and benefits here. Just know this, once you get using a good password manager, you won't look back.
What other bad practices are people guilty of when it comes to passwords I hear you ask? Well, I'll list a few.
Making passwords easy to guess
Patterns. People tend to use common patterns with their passwords. This could mean taking them from the keyboard... think "ASDFGHJKL" or "123456" or maybe worse "111111".
Football Clubs. It's amazing how many people use their favourite football club as their password. And then go and set their social media profiles to be the badge of the club!
Hobbies or names of family members or pets are also commonly used. Again, these are also commonly found by trawling social media profiles. If you're one of those who uses these examples, stop it. Now!
Making passwords easy to crack
The average password can be cracked in less than six hours. I know for certain that many can be cracked in far less time than this, particularly if they're known passwords or basic dictionary words. In fact, "Dictionary Attack" is the name of one of the most common ways of cracking a password. Attackers will use "dictionary file" of known passwords to guess the passwords used by individuals. You can get files with millions of combinations in them, it's just a case of sitting back and waiting for the jackpot!
Thwart their evil plans by using long complex passwords that are unique every time. A 15 character password made up of random uppercase, lowercase, numbers and symbols will be infinitely harder to crack or guess. The great news is, most password managers can generate these types of password for you easily. And then they store them for you too! You won't ever need to even see the password!
Sharing Passwords with Others
Don't do this. I know it might make your life easier, but it's just not a secure way of doing things. There are many ways to share access to data or systems and none of them should mean you have to share your password. Sharing passwords is like sharing underwear. You just shouldn't do it. Euch!
What are the most commonly used passwords?
In 2019, the most common passwords found in online breaches were as follows:
Check out https://www.haveibeenpwned.com/passwords to see how many times your password has been discovered in previous data breaches. If it comes up, best change it quick!
A lovely infographic poster from the NCSC (National Centre for Cyber Security)