World Password Day – some password themed tips
It’s World Password Day, and as such, a great reminder about what to do about your passwords and more importantly, what not to do.
This very special day is also very timely. It comes only weeks after the first UK National Cyber Security Centre survey that posted a very exhaustive list of the most top 100,000 most commonly used passwords.
And yes, 123456 topped the list. What a surprise.
You can see the list in all its glory here.
Of course this leads us nicely to our first tip. Don’t use these passwords. It may be a tad expectant of us to assume all our readers will memorise this list of 100,000 passwords as a guide about what to avoid, but it demonstrates that a usually solid piece of advice about avoiding words you would find in a dictionary isn’t a great piece of advice if you ignore everything else.
After all, 123456 isn’t in the dictionary. And neither is gjkbyf. Or derrick. Or 1990. Or 1q2w3e4r5t.
Sponsored Content. Continued below...
But these are all in the list of commonly used passwords.
The problem with these passwords is that any software designed to break passwords using a brute force method is instantly going to use lists like this one. And while 100,000 is a very big number, with modern computing power, it still doesn’t take long for software to go through it from top to toe.
So how do we choose passwords? The key is being entirely random, and using a combination of (yes you’ve heard it before, we know) uppercase and lowercase letters, numbers and symbols. Avoid “patterns” on the keyboard, and avoid using information relating to yourself, such as your date of birth. And of course making sure your passwords are at a minimum 8 characters long.
Sponsored Content. Continued below...
The best way to achieve this (tip 2) is by using a password manager. Not only can a password manager store all your passwords (because let’s face it, we have so many online accounts these days) but they can generate strong passwords for you. A popular example of a password manager is LastPass.
Tip 3 is a given. Don’t share your passwords. Don’t give them to Facebook. Don’t write them down on a sticky note and glue it to your monitor. And please, please don’t write your passwords on a whiteboard, take a photo of it and upload it to social media.
Finally, make sure that your password isn’t the only thing someone needs to access your account. This means enabling two-step-verification or two-factor-authentication, meaning someone needs something else other than the password (a login code, usually) to access your account. Most services these days, including Facebook, Twitter and Google, support this security feature.