Recently, the United Kingdom’s National Cyber Security Center (NCSC) published a study of commonly used and hacked passwords. Using the study’s findings, the organization published a list of 100,000 passwords that it hopes digital service providers blacklist to protect users from themselves. Indeed, the agency noted “123456” was a password used with 23 million breached accounts.
The NCSC’s list also revealed popular given names like “jessica,” “jordan,” and “michael” are easy pickings for cyber attackers. Similarly, many users who picked the names of fictional characters like “superman,” “tigger,” and “batman” to secure their accounts have suffered data breaches. Furthermore, consumers who utilized the names of once relevant musical acts like “50cent,” “blink182,” and “slipknot” also had their personal information accessed by hackers.
Admittedly, it can be difficult to keep up with the latest data security standards. Especially since hackers are continually developing sophisticated new tools to bypass even the most robust encryption methods. However, users can protect themselves by taking steps to make their passwords stronger and less vulnerable to cyber-attack.
Don’t Use Personally Relevant Passwords
One key finding from the NCSC’s study is that the public makes their passwords easily guessable. While it makes sense for consumers to make their password something easy to remember, it’s a terrible data security practice. Using your first name, hometown, or favorite superhero as your email or online banking password only serves to make your accounts vulnerable to cyber-attack.
Hackers shouldn’t be able to guess your password after spending a few minutes browsing your social media pages. Accordingly, people shouldn’t make up passwords that are relevant to their personal or professional lives. Instead, take NCSC’s advice and use passwords made up of three random, but memorable words.
Avoid Easy to Crack Password Schemes
Another pattern uncovered by the NCSC’s study is the common use of passwords that seem strong but actually aren’t. For instance, “1q2w3e4r5t,” is a combination of the numbers and letters at the top of a QWERTY keyboard. Users might think it’s a robust password because it involves a mix of seemingly random letters and numbers. But because it uses an obvious keyboard path, it took 16th place on the agency’s list of easily cracked login credentials.
Similarly, antivirus company Avast does not recommend using common number-letter substitutions because brute force programs can crack them with ease. Leetspeak may have been an effective method of encryption 30 years ago, but using “D00R8377” as a password in 2019 is just asking for trouble.
Consumers can better protect their personal data by utilizing 15 character passwords that mix numbers and letters.
Don’t Use the Same Password for Multiple Accounts
Lastly, cybersecurity firm Norton advises consumers not to use the same password for their different accounts. Doing so makes it easy for hackers to access your entire digital life after they crack one of your login credentials. As such, the company suggests a simple solution that addresses the need for data security and user convenience; a quality password manager.
Norton offers a robust password manager that helps users create and store login credentials as well as credit card data. Dashlane, LastPass, and Sticky all offer login storage applications that come highly recommended by PC Mag and Digital Trends.
In an era where data breaches are commonplace, no system is 100 percent secure. But consumers can greatly reduce their risk factor of being hacked by making their passwords as strong as possible.