Doesn’t it seem like everything we do today requires a password? I would say that forgetting a password is like forgetting your keys, but it’s probably worse. We all know how important passwords are, but honestly, strong passwords that are impossible to guess are also impossible to remember. This is why some of our passwords aren’t as strong as they need to be.
That being said, there is a difference between a weak password and a worthless password. And, far too many people are using worthless passwords. Obviously, no one deserves to be a victim of online fraud or identity theft, but some people are almost inviting criminals to ruin their lives.
If you think this is being too harsh, think again. Look at SplashData’s Worst Passwords of 2016, which is based on over 5 million passwords that were posted or advertised for sale on the Internet.
This list makes it easy to understand how passwords can be rendered virtually worthless by being weak. It’s absurd to think anyone is actually using these passwords, but it’s true. Unfortunately, it doesn’t look like people are learning their lesson.
- 123456 and password remain atop the list of worst passwords for the third straight year.
- Though eight new passwords cracked the top 25 in 2016, including hottie, loveme and flower, seventeen of them made the list in 2015.
But wait, it gets even worse. These passwords are actually being used to protect a different kind of sensitive information. The kind of information that the world can know, but a spouse cannot.
Millions of passwords were leaked during the Ashley Madison breach. If you thought people would use strong passwords to conceal their infidelity, if not their account numbers, you’d be wrong. Here are the top 5 passwords revealed by the breach:
Passwords are the first line of defense against unauthorized access to our personal and professional lives. Passwords that are memorable are typically weak. They must be strong to be effective. According to Microsoft, a strong password:
- Is at least eight characters long.
- Doesn’t contain your user name, real name or company name.
- Doesn’t contain a complete word.
- Is significantly different from previous passwords.
- Contains uppercase and lowercase characters, numbers and symbols.
There are various insurance products specifically designed for identity theft and other cyber threats. Quite frankly, we’ve gotten to the point where everyone should have this kind of insurance coverage. Nevertheless, even though insurance can help you recover after an incident, preventing incidents from ever happening should still be the goal.
To hackers and identity thieves, accounts protected by weak passwords aren’t really protected at all. Weak passwords only provide the illusion of security. It’s like hanging your spare key from the door knob. What’s the point of even having a lock?