2017 hasn’t been a good year for data security. There have been security breaches at companies large and small. Often, the data stolen includes usernames and passwords.
Look, I get it. Passwords are annoying, but they’re an important line of defense keeping bad actors away from your information. The better the password, the harder it is for someone to crack it. As computing power gets faster and stronger, cracking billions of variations a second is trivial for many systems. I blogged about this earlier this year.
Despite warnings on many sites when you create an account, people are still using bad passwords. And what’s worse, they use the same password on many sites. This means if someone cracks your password, they could gain access to many different websites and services.
SplashData is out with its list of the worst passwords of 2017 (some NSFW passwords), and while there aren’t many big surprises, it’s disappointing to see people still using 123456 as the most popular bad password this year. I did like that people are using starwars as a password.
Here’s the top 5:
123456
password
12345678
qwerty
12345
123456789
Bad, right? I use Wolfram Alpha’s tool to measure password strength, and it says that it would take just 400 seconds to crack your password if it was 123456789 when trying 100,000 passwords a second. The time for 123456? 1 second. Not good.
Securing Your Passwords
Securing your passwords isn’t terribly hard to do. It requires a little diligence, but once you fall into a practice, it will become second nature.
First, you should use strong passwords. I find the challenge is remembering long, complicated passwords. I can barely remember what I had for breakfast. To make life easier, I use an app, 1Password, that syncs my passwords across multiple machines and my phone.
If you asked me for my banking or Facebook password, I couldn’t tell you what it is. They’re both 30-character strings of numbers, upper and lower case letters, and special characters. 1Password will also generate passwords if you need. LastPass and KeePass are also apps in this space.
If you want to remember your passwords, or maybe write them down, I’d recommend using a tool to generate strong passwords. I use RandomKeyGen.com to generate passwords for sites I use as well as when I create user accounts. That site will generate all sorts of passwords and keys for you, ranging from shorter passwords that are strong and memorable all the way to crazy “fort knox” passwords, like this:
H>>;0Y|w]&UMf=H!yj^JmhSIM>[A7o
That crazy password is the kind you store in 1Password. It’s super strong, and when I run it through Wolfram Alpha, it says it will take 4.955 x 10^46 years to crack this password. You know it’s a strong password when the number of years is shown as an equation. That is never being cracked. Even by the First Order. What? I had to keep the Star Wars memes going.
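To make the numbers above concrete, here is an added example (not code from this post or from any of the tools it mentions) that generates a 30-character password with a cryptographic random source, rejects the bad passwords listed earlier, and estimates the worst-case time to try every combination at 100,000 guesses a second. The 94-symbol printable ASCII alphabet, the 365-day year and the function names are assumptions made for this sketch.

```python
import secrets
import string

# The six entries the post lists from SplashData's 2017 ranking.
WORST = {"123456", "password", "12345678", "qwerty", "12345", "123456789"}

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)
ALPHABET = "".join(CLASSES)          # assumption: 94 printable ASCII symbols
GUESSES_PER_SECOND = 100_000         # rate quoted in the post
SECONDS_PER_YEAR = 365 * 24 * 3600   # assumption: 365-day year


def generate(length=30):
    """Return a random password that contains every character class."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every class")
    while True:
        # secrets draws from the OS CSPRNG; the random module is not suitable.
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if all(any(c in cls for c in pw) for cls in CLASSES):
            return pw


def alphabet_size(pw):
    """Combined size of the character classes that appear in pw."""
    if any(c not in ALPHABET for c in pw):
        raise ValueError("only printable ASCII is handled in this sketch")
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in pw))


def assess(pw):
    """Return (denylisted, worst-case years to exhaust the keyspace).

    The estimate only means something for randomly generated passwords:
    human-chosen words fall to dictionary guessing long before brute force.
    """
    if pw.lower() in WORST:
        return True, 0.0             # these are tried first by any attacker
    seconds = alphabet_size(pw) ** len(pw) / GUESSES_PER_SECOND
    return False, seconds / SECONDS_PER_YEAR


if __name__ == "__main__":
    candidate = generate()
    print(candidate, assess(candidate))
    print("123456", assess("123456"))
```

Under these assumptions a 30-character password drawn from all four classes comes out at roughly 4.95 x 10^46 years, while anything on the bad-password list is rejected outright regardless of its length.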
If your password is on the list of the worst passwords this year, consider using better ones. If you are using strong ones, it’s a good idea to update them regularly. Many programs like 1Password will let you know how long it’s been since you changed your password at a site, which is a helpful feature.