Tactical Advice

Dear User: Your Password Stinks, Love IT

Make password protection policy a priority in your organization.
What Your Business Can Learn From the 25 Worst Passwords of 2011

When it comes to creating solid user account passwords, predictability and duplicability are two major blunders to avoid. Any user in your company who thinks it is clever to use the obvious “password” as a password should think again. Hackers, however, will certainly appreciate them for making their job easier.

Even slight variations, such as switching an “o” to a zero when spelling out predictable passwords — for example, “passw0rd” — won’t fool anyone. With password theft on the rise, these users could be compromising confidential company information in addition to personal records. Can your company afford to leave this IT security gap wide open?

Many IT workers already encourage co-workers to select strong, secure passwords, but many users ignore this advice and continue to use their easy-to-guess and familiar passwords.

But they’ve been put on notice with the release of the list of the 25 worst passwords of 2011, compiled by SplashData, a password management app maker.

These are the passwords that were successfully hacked most often, according to SplashData’s study of millions of stolen passwords.

Have you run across any of these passwords in your company?

  1. password
  2. 123456
  3. 12345678
  4. qwerty
  5. abc123
  6. monkey
  7. 1234567
  8. letmein
  9. trustno1
  10. dragon
  11. baseball
  12. 111111
  13. iloveyou
  14. master
  15. sunshine
  16. ashley
  17. bailey
  18. passw0rd
  19. shadow
  20. 123123
  21. 654321
  22. superman
  23. qazwsx
  24. michael
  25. football


There are some mysteries on the list, such as the oddly popular “monkey” and “shadow.” But many of the worst passwords are obvious, like those that include sequential numbers (“123456”) or common names (“ashley,” “michael,” and “bailey”), most likely the user’s own or that of a family member or friend. Other bad passwords are based on keyboard layouts, like “qwerty” and “qazwsx.” And with an increasing number of sites requiring more complex letter-and-number combinations, many users now have passwords along the lines of “abc123” or “trustno1.”

While this list is good fodder for a laugh or two, it highlights the fact that password protection is a necessity. Many companies still allow workers to choose their own passwords, and that can work if guidelines are provided to help users avoid the common mistakes of the 25 worst passwords.
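One way to turn those guidelines into a check at password-creation time is sketched below. It is an added example, not code from BizTech or SplashData. It rejects candidates that match the 2011 list even after look-alike substitutions such as “passw0rd” are undone, as well as sequential runs and keyboard-layout walks. The substitution map, the keyboard strings and all function names are assumptions chosen for illustration.

```python
import re

# The 25 entries of SplashData's 2011 list, as quoted in the article.
WORST_2011 = """password 123456 12345678 qwerty abc123 monkey 1234567 letmein
trustno1 dragon baseball 111111 iloveyou master sunshine ashley bailey passw0rd
shadow 123123 654321 superman qazwsx michael football""".split()

# Look-alike substitutions to undo (assumption: small illustrative map).
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                            "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})

# Keyboard rows plus the left-to-right columns of a QWERTY layout.
WALKS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm",
         "qazwsxedcrfvtgbyhnujm"]


def normalize(pw):
    """Lowercase and undo look-alike substitutions ("Passw0rd" -> "password")."""
    return pw.lower().translate(LOOKALIKES)


DENY = {normalize(p) for p in WORST_2011}


def is_sequence(pw):
    """Ascending/descending runs ("123456") or one repeated block ("123123")."""
    if len(pw) < 4:
        return False
    steps = {ord(b) - ord(a) for a, b in zip(pw, pw[1:])}
    return steps in ({1}, {-1}) or bool(re.fullmatch(r"(.+?)\1+", pw))


def is_keyboard_walk(pw):
    """Adjacent keys along a row or column, in either direction."""
    s = pw.lower()
    return len(s) >= 4 and any(s in w or s[::-1] in w for w in WALKS)


def check_password(pw):
    """Return the reasons a candidate should be rejected (empty list = none found)."""
    reasons = []
    # Also test the candidate with trailing digits/symbols removed ("monkey1!").
    stem = re.sub(r"[\d\W_]+$", "", pw)
    if normalize(pw) in DENY or normalize(stem) in DENY:
        reasons.append("denylist")
    if is_sequence(pw):
        reasons.append("sequence")
    if is_keyboard_walk(pw):
        reasons.append("keyboard")
    return reasons
```

An empty result means only that none of these three patterns was found; the check says nothing about length or reuse.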

Stop putting your information at risk and ensure that company IT security policies include clear rules on creating stronger passwords. BizTech magazine suggests making passwords more secure with these 5 tips:

  • Diversify your passwords: Mix upper and lowercase letters, numbers and special characters.
  • Use the maximum number of allowable characters: A pass phrase such as “D@dhad$a7shadsal@d” may be easier to remember than “g8Qa3&uP” — and longer passwords are much harder to crack.
  • Use special characters first: #, ! and %, for example, are particularly useful when used as the first character, such as “%squid17Ink.” Most password crackers work through alphanumeric character combinations first when trying a brute-force crack, so a special character makes it that much harder to bust the password.
  • Stand up to testing: You can check your passwords against a password cracker (there are many available online) to see how well they withstand brute-force attacks. You may be surprised.
  • Change regularly: Keep the hackers guessing by changing your password every so often. If you’ve been carrying around the same password for the past 3 years, it’s time to make a change.