2016's 10 Most Common Computer Passwords

Every year, the cybersecurity community publishes the most commonly used passwords. This isn't just clickbait; it reveals something about the average web user and the sometimes-poor choices he or she makes regarding cybersecurity.

Below, CyberPolicy has gathered a few tips to boost your password protections and overcome cybersecurity challenges facing your business.

"You Shall Not Pass" Muster with These Anemic Passwords
Weak password protocol is one of the hardest cybersecurity challenges to overcome. Not because it is difficult to come up with more robust solutions, but because it is frustratingly tough to change user habits. If you use any of the passwords below, you should probably change them right now and hang your head in shame:

  • 123456
  • 123456789
  • qwerty
  • 12345678
  • 111111
  • 1234567890
  • 1234567
  • password
  • 123123
  • 987654321

Discouragingly enough, the same passwords seem to come up year after year.

Some people might think that a flimsy password is okay to protect their frivolous online accounts, but nothing could be further from the truth. The fact of the matter is that hackers are hungry for data - any data! And giving them an easy in could expose more valuable information than you know. Be honest, if you use weak passwords one place, you are probably using them everywhere.

Cracking your password is simpler than you might imagine. Even if no one ever sees your password, hackers can access your account with something known as a brute force attack. Think of it like this, if you had a padlock on your safe how long do you think it would take a stranger to test every possible combination until it opened? Probably awhile, but given the time, it could happen. Now swap the stranger for a robot that can try thousands of combinations in mere minutes. That's the power of a brute force attack!

Once your password is solved, cybercriminals will use your email and password combination to access as many sites as possible. Do you reuse your passwords for online banking, business accounts, social media pages, personal email or e-commerce websites? If so, a cybercriminal can break into all of these in a matter of minutes. It's a common scam known as credential stuffing.

So what are you going to do? Here are some tips to better protect your online accounts:

Never reuse a password. We cannot stress this enough.

Combining letters and numbers is sillier than you know. Hackers are smart and they can program bots to decipher numbers and symbols swapped to act like letters. So, if your password is K@tyP3rry, you are going to be hacked.

Eschew easily-cracked passwords for passphrases. This tip is recommended by controversial encryption-advocate Edward Snowden. Think of an unusual, easy to remember phrase that you can turn into a password. For example, \"Real orange juice is best from Florida\" could be "100%OJ_bestfmFL."

Use a password manager. It can be really tough juggling dozens of unique passwords. Thankfully, you don't have to do it yourself. Consider adopting a password manager.

Take advantage of two-factor authentication. Two-factor authentication has become increasingly popular in recent year because it adds an extra step to the hacking process. For example, if you enter your password online, the receiving service will send you a text to confirm your identity. This secondary check in the physical world is something you are likely to have next to you but a remote hacker would not.

Change your passwords regularly. Sometimes data leaks aren't exposed until years later (just ask Yahoo). It's possible that your password is floating out there right now, just waiting to be grabbed by nefarious hands. Updating your password regularly can protect you from this eventuality.

While cybersecurity challenges cannot be stymied forever, educating your employees and customers about better password protocol can greatly reduce the likelihood of data breach.

If a crafty hacker is able to infiltrate your organization, CyberPolicy can defend your most valuable assets. Visit CyberPolicy today to find out more!

© 2016-2020 CyberPolicy, Inc. All rights reserved. CyberPolicy®, "Plan. Prevent. Insure."™, and "CyberCheckup"™ are trademarks of CyberPolicy, Inc.
DBA: CyberPolicy Insurance Solutions CA License No. 0L13180
DBA: CoverHound Insurance Solutions CA License No. 0H52375