And the winner is ....
Every year we get to read all about the most common passwords of the year before. This release of info comes from several different companies who compile the information based on the known hacks of the previous year.
In this blog - I'm referencing a company called SplashData.
Their 2017 list was published late in December - and there are some doozies (as per usual) on the list.
We published the top 5 in an insta post.
Notable additions to the list (since previous years) point to pop culture references - such as "starwars".
A note on using pop culture references in your passwords: Don't. Just, please - don't.
Hackers run through these common pop culture references as a matter of course - in addition to trying all the common standard ones like 12345, or Password.
And in case you're thinking your IT guy said to do letter and number substitutions: P@ssW0Rd is no more secure than pa55w0rd. The substitutions are easy to predict, and it's even easier to check all the permutations with a simple algorithm.
So here's the list of the top 25 for 2017, as released by SplashData - and again, our advice remains the same - find a Password Manager and/or Generator, and get comfortable with using it. Because your dog's name, your children's names and birthdays, and your previous 3 houses or the suburb you grew up in are not safe to use as passwords.
1. 123456 (Unchanged)
2. Password (Unchanged)
3. 12345678 (Up 1)
4. qwerty (Up 2)
5. 12345 (Down 2)
6. 123456789 (New)
7. letmein (New)
8. 1234567 (Unchanged)
9. football (Down 4)
10. iloveyou (New)
11. admin (Up 4)
12. welcome (Unchanged)
13. monkey (New)
14. login (Down 3)
15. abc123 (Down 1)
16. starwars (New)
17. 123123 (New)
18. dragon (Up 1)
19. passw0rd (Down 1)
20. master (Up 1)
21. hello (New)
22. freedom (New)
23. whatever (New)
24. qazwsx (New)
25. trustno1 (New)
#ForReal.
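The substitution point above, as an added example (not from SplashData or the original post): a sign-up check that folds look-alike characters back to letters before comparing a password against the list. The `SUBS` table and the function names are assumptions made for illustration.

```python
# Added example: blocklist check that sees through letter/number substitutions.
# SUBS is an assumed, illustrative substitution table, not an exhaustive one.
from math import prod

# Subset of the SplashData 2017 list above, used as the blocklist.
COMMON = ["123456", "password", "12345678", "qwerty", "letmein", "football",
          "iloveyou", "admin", "welcome", "monkey", "starwars", "dragon",
          "master", "freedom", "whatever", "trustno1"]

# Plain letter -> characters commonly swapped in for it (assumed table).
SUBS = {"a": "@4", "e": "3", "i": "1!", "l": "1", "o": "0", "s": "$5", "t": "7"}

# Reverse map: every look-alike collapses to one letter. "1" is ambiguous
# (i or l), so "l" is folded into "i" as well to keep the result unique.
_FOLD = {sub: letter for letter, subs in SUBS.items() for sub in subs}
_FOLD.update({"1": "i", "l": "i"})


def canonical(password: str) -> str:
    """Lowercase the password and undo the predictable substitutions."""
    return "".join(_FOLD.get(ch, ch) for ch in password.lower())


# Canonical form -> the listed password it came from.
_BLOCKED = {canonical(p): p for p in COMMON}


def matches_common(password: str):
    """Return the common password this one is a disguise of, or None."""
    return _BLOCKED.get(canonical(password))


def variant_count(word: str) -> int:
    """Number of spellings the substitution table produces for a word."""
    return prod(1 + len(SUBS.get(ch, "")) for ch in word.lower())


if __name__ == "__main__":
    # Constructed sample inputs.
    for candidate in ["P@ssW0Rd", "pa55w0rd", "Tru5tN01", "vK9#qLm2xZ"]:
        print(candidate, "->", matches_common(candidate))
    print("substituted spellings of 'password':", variant_count("password"))
```

With this table, "password" has only 54 substituted spellings, which is why swapping characters adds so little.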
Here are 4 suggested Password Managers and Password Generators - there are heaps - the key is to find one that you are comfortable using.
SplashData (Splash ID personal -- they do have a business version)
Password Managers are not a laughing matter.
What is a Password Manager?
It’s a tool that you use to Store, Create and Manage Passwords across your accounts and multiple devices.
How do they Work?
On a browser, you install a plugin that will prefill the passwords for you when you are logged into the Password Manager.
They are also available as apps across most smartphones and tablets, where you will be able to copy the password from your Password App and use it in a mobile browser or app. There is usually a time limit on the app version, which will delete the password from your clipboard after a minute or so.
Why do you need one?
- It’s hard to keep track of all your passwords
- Re-using passwords is not a good idea (but we do it because of the aforementioned point re how hard it is to keep track)
- They can randomise passwords (i.e. you only need to remember 1 password and all the others are random anyway)
- You will never need to reset a forgotten password again (provided you haven’t lost the login or saved the wrong password to start with)
My top 2 recommendations:
Mac users - 1Password, which has a much slicker UI and works better on Mac than LastPass.
Windows users - LastPass works well across Windows environments, also has a decent app for the iPhone and iPad - the Mac experience is a bit clunky.