What is it about seeing other people’s poor password usage and trends that is so entertaining? There is always something intriguing every year about reading the lists of the most popular passwords, and realizing how clueless, for lack of a better word, people are when it comes to safeguarding accounts.
We’re taking a look at Keeper Security’s password trends report for 2016—not for the sake of mocking the folks who have, yet again, chosen “12345” as their password, but to help raise awareness of smart password usage.
Top 10 passwords in 2016
The list has not changed much from last year’s… are you guilty of using any of these passwords?
- 123456
- 123456789
- qwerty
- 12345678
- 111111
- 1234567890
- 1234567
- password
- 123123
- 987654321
The problem is not just the user…
Nearly 17 percent of people are still safeguarding their accounts with “123456.” What Keeper Security found, however, is that many website operators are not enforcing password security best practices.
- The list of most-frequently used passwords has changed very little over the past few years meaning user education has limits. While our industry is aware of risks, many users outside of security are not going to take the time or effort to protect themselves. IT administrators and website operators must be encouraging and educating users to do so.
- Seven of the top 15 passwords on Keeper’s list are six characters or shorter. Keeper Security has reported that with today’s software, hackers can unscramble those passwords in seconds. Website operators should be requiring longer passwords from their users.
- Users are still using passwords like “1q2w3e4r” and “123qwe”, which shows they know that they should be using unpredictable patterns to secure passwords, but their efforts are poor.
If your employees, friends or family do not understand the importance of strong and difficult passwords, there are a few tips you can give them: Include numbers, symbols and upper- and lower-case letters; make your password at least eight characters long at a minimum; avoid complete words or combination of words; never contain your name, username or company name.
Leave a Reply