- The top three most used online passwords are ‘123456’, ‘password’ and ‘123456789’.
- The most common phrases used to form passwords are ‘letmein’ and ‘iloveyou’
- The most common keyboard patterns are ‘qwerty’, ‘q2w3e4’ and ‘zaqxsw’
If you use one of the passwords above, or one similar, you are already in danger of having your password easily compromised.
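The "or one similar" part can be checked mechanically. The Python sketch below is an added example, not part of the original article: it normalises a candidate password (case, digits and symbols at either end, symbol-for-letter swaps) and compares it with the eight passwords listed above. The substitution table, the 60% coverage threshold, the function names and the sample inputs are assumptions made for illustration.

```python
import re

# Weak passwords, phrases and keyboard patterns named in the list above.
WEAK_BASES = {"123456", "password", "123456789", "letmein",
              "iloveyou", "qwerty", "q2w3e4", "zaqxsw"}

# Assumption: a small table of common symbol-for-letter swaps to undo.
UNSWAP = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
                        "0": "o", "$": "s", "5": "s", "7": "t"})
EDGE_JUNK = re.compile(r"^[\W\d_]+|[\W\d_]+$")  # digits/symbols at either end


def normalised_forms(password):
    """Return the forms of a password that are compared with the list."""
    folded = password.casefold()
    trimmed = EDGE_JUNK.sub("", folded)          # "qwerty2024!" -> "qwerty"
    return [folded, trimmed,
            folded.translate(UNSWAP),            # "letme1n" -> "letmein"
            trimmed.translate(UNSWAP)]           # "p@ssw0rd1!" -> "password"


def weak_base(password, min_cover=0.6):
    """Return the listed password this one is a variant of, or None.

    A match is either exact after normalisation, or a listed password
    that makes up at least min_cover of the normalised form.
    """
    bases = sorted(WEAK_BASES, key=lambda b: (-len(b), b))
    for form in normalised_forms(password):
        if form in WEAK_BASES:
            return form
        for base in bases:
            if base in form and len(base) >= min_cover * len(form):
                return base
    return None


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the page.
    for sample in ["123456", "P@ssw0rd1!", "Qwerty2024", "letme1n",
                   "mypassword", "maple wagon cinder flute"]:
        print(f"{sample!r}: {weak_base(sample) or 'no match'}")
```

A check like this belongs at password-set time, so that a variant of a listed password is rejected before it is ever stored.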
- Use a third-party password manager. Browser-based managers are limited and unreliable, and can fall victim to security flaws in the browser, its extensions or third-party software
- Don’t base your password on relatable items (e.g. street name, pet name, favourite food)
- Use a different password for every online account
- Use a passphrase rather than a password
- Activate two-factor authentication whenever possible
Password vs Passphrase
The conventional advice used to be to build a password from an obscure reference, change some letters to numbers and add a few punctuation marks, and the result would be a strong password. This might be the case, but such passwords can be difficult to remember. Here are some examples:
would take less than 5 minutes to crack
would take 7 hours to crack, and good luck remembering what you changed.
would take several thousand years to crack, and is very easy to remember.
As you can see, the last choice, a passphrase, is better than an obfuscated password of 10-12 characters. Many people, myself included, use phrases that have meaning, like a quote out of a book or a lyric from a song, something we will never forget.
Using a passphrase together with a decent password manager and 2FA would render you bulletproof.