You know what’s scary? This list of commonly used passwords in 2015. It’s ignorant. It’s lazy. It’s irresponsible. Your passwords, of course, weren’t listed because you are a smart, security-aware individual who is reading this for the sheer enjoyment and celebration of a day dedicated to the cause of reminding people that their password(s) probably suck.
Or maybe you just need a subtle reminder that they are, in fact, super easy to crack. Or that having your account hacked could lead to more than someone messing with your Facebook friends; it could lead to something as terrifying as sextortion and cyberstalking.
Yeah. Passwords are kind of a big deal.
Did you hear the one about the athlete who lost nearly $8 million after his Twitter and Instagram accounts were hacked?
It went down like this: Laremy Tunsil, an all-star offensive lineman from the University of Mississippi, was projected to be one of the top picks in the recent NFL Draft. But, just minutes before the draft began, someone hacked his Twitter account and posted a video of him (likely) taking part in illegal activities (smoking bongs is something the NFL frowns upon). This sent Tunsil’s draft stock into a free-for-all.
Instead of being a top pick, he fell to 13th overall, an estimated $8 million slip (and maybe the most expensive bong hit in history?). If that wasn’t bad enough, after the draft, Tunsil’s Instagram account was hacked and two photos were posted, showing a conversation between him and a school official regarding his mom’s finances.
Now, how much do you want to bet his Instagram password was the same as his Twitter password? And how long do you think it had been since he changed that password? In the end, a lack of security awareness will cost him millions.
Mr. Tunsil, you may be good at football, but you suck at password management.
How To Not Suck At Password Management
“To err is human. But to really foul things up you need a computer” – Paul R. Ehrlich
Here’s the thing: you’re a human. So mistakes are in your nature. Especially when it comes to memory, which is why so many of us set up an account for the first time and never change the initial password. While “set it and forget it” might make great chicken, it’s a horrible security practice.
Think about it like this: the average user has 25 online accounts—most of which are shopping sites—but only six unique passwords to protect them. Even worse, 77 percent of us have a password that’s at least a year old, and 47 percent of us have a password that’s at least five years old (according to this study). These passwords suck.
There’s an easy fix for this; it’s called a password manager.
Password managers generate strong, unique passwords and sync them across all of your devices. They are inexpensive, easy to use and eliminate the need to remember all but one master password (a very strong master password, of course). They also keep track of how old your passwords are and automatically log you into your accounts (with your permission) thanks to their nifty browser plugins.
Here’s a list of the best password managers for 2016. Most of them offer a trial version without any financial obligation. Check them out, find one that works for you and begin your new life as a password manager all-star. (Included in that list are our good friends from Sticky Password. Check out their blog!)
Five Easy Steps to Stronger, Better Passwords
- Use a password manager. Duh. Why wouldn’t you?
- Use passphrases instead of passwords. A passphrase is a sequence of words used in place of a passcode. The longer the passphrase, the harder it is to crack. Adding punctuation, characters and numbers is highly encouraged.
- Change your passwords often. Get into a routine. Once a year is not enough.
- Enable two-factor authentication. Also known as 2FA, this system requires two forms of passcodes in order to unlock a service. For example, some websites will send a PIN to your mobile phone as the second factor of authentication. That way, if a criminal has cracked your password, they won’t have the PIN and therefore won’t have access to your sensitive data.
- Use a different password for every account. The temptation is to use one or two passcodes for everything. But that would be sort of like locking just the two front doors of your four-door car—an ineffective approach to security.
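To put a number on "the longer the passphrase, the harder it is to crack," here is an added example (not part of the original post) that builds a random passphrase and computes its entropy in bits. The word list is a constructed 32-word sample and the function names are hypothetical; the 7776 figure is the size of the EFF long word list.

```python
import math
import secrets

# Constructed 32-word sample list so the example runs offline. A real
# generator would load a large published list (the EFF long list has 7776 words).
SAMPLE_WORDS = (
    "anchor", "bagel", "cactus", "dolphin", "ember", "falcon", "garlic", "harbor",
    "igloo", "jigsaw", "kettle", "lantern", "magnet", "nectar", "orbit", "pebble",
    "quartz", "ribbon", "saddle", "tundra", "umpire", "velvet", "walnut", "xylem",
    "yogurt", "zipper", "bishop", "copper", "donkey", "fiddle", "goblet", "hammer",
)

def generate_passphrase(n_words, wordlist=SAMPLE_WORDS, sep="-"):
    """Pick n_words independently and uniformly with the OS CSPRNG."""
    if n_words < 1:
        raise ValueError("need at least one word")
    if len(set(wordlist)) != len(wordlist):
        raise ValueError("duplicate words would lower the real entropy")
    return sep.join(secrets.choice(wordlist) for _ in range(n_words))

def entropy_bits(n_symbols, pool_size):
    """Bits of entropy for n_symbols drawn uniformly from pool_size options.
    Only valid for random selection; a phrase a human made up is more predictable."""
    return n_symbols * math.log2(pool_size)

def words_needed(target_bits, wordlist_size):
    """Smallest word count whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(wordlist_size))

if __name__ == "__main__":
    print("sample:", generate_passphrase(5))
    # Each extra word multiplies the guessing work by the word list size.
    for n in (3, 4, 5, 6):
        print(f"{n} words from 7776: {entropy_bits(n, 7776):.1f} bits")
    # 94 = printable ASCII characters excluding the space.
    print(f"8 random printable chars: {entropy_bits(8, 94):.1f} bits")
```

Every additional bit doubles the number of guesses an attacker needs, so going from four to six random words from a 7776-word list adds about 26 bits.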
Does Your Password Suck?
If you’re not sure, then the answer is yes. But even if you are sure, the answer is probably still yes. That’s why we created this awesome flow chart, which you can download for free!
For more information about password management and security awareness, check out our website: https://thesecurityawarenesscompany.com