The Business-Technology Weave

Dec 5 2011   8:26AM GMT

PC Magazine’s “The 25 Worst Passwords of 2011”

David Scott

 

We’ve discussed password liabilities before: consider that many people use the same password (and often the same user ID) for multiple accounts. This can include online bank credentials, work accounts, social networking sites, and other critical sites such as eBay and PayPal.

 

A breaching entity can hack one account, gain its credentials, and then try them against every other account it can associate with that user.

 

Of course, password liabilities also include easy-to-guess passwords, which are subsequently hacked, either by manual human activity or by password-breaking software that simply tumbles random words and characters through authentication mechanisms.  This morning, while having my auto serviced, I tried “password” in trying to gain access to a couple wireless networks in the vicinity – alas, no luck – but worth a try.  Consider:  About 5 years ago, Slovak hackers gained access to Slovakia’s National Security Bureau (NBU).  The NBU maintains a huge body of classified information, which is supposed to enjoy strong security.  However, the hack and breach weren’t particularly sophisticated:  The respective login ID and password were nbu/nbu123.

 

You might want to put a little thought into your organization’s passwords and their associated strength:  Set a minimum number of characters, and consider requiring some special characters (!@%, etc.).  Also, see the four basic practices at the bottom of this article for maintaining a solid password security posture.

 

Here are PC Magazine’s worst passwords of 2011:

 

  1.  password

  2.  123456

  3.  12345678

  4.  qwerty

  5.  abc123

  6.  monkey

  7.  1234567

  8.  letmein

  9.  trustno1

10.  dragon

11.  baseball

12.  111111

13.  iloveyou

14.  master

15.  sunshine

16.  ashley

17.  bailey

18.  passw0rd

19.  shadow

20.  123123

21.  654321

22.  superman

23.  qazwsx

24.  michael

25.  football

 

Finally, remember to employ four basic, yet critical, practices for maintaining secure passwords:

 

1)      Use unique passwords for each account.

2)      Change your passwords on a schedule.  How frequently is up to you, but anything from monthly to semi-annually works.

3)      Don’t share your passwords.

4)      Avoid common passwords.
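
One way to enforce the minimum-length, special-character and "avoid common passwords" advice at the point where a password is set, as an added example that is not part of the original post. The `MIN_LENGTH` value, the character-swap table and the function names are assumptions; the check also goes beyond the list itself by catching decorated variants (such as passw0rd with a year appended) and passwords built from the user ID, as in the nbu/nbu123 case.

```python
import re

# The 25 passwords listed in this post (PC Magazine, 2011).
WORST_2011 = {
    "password", "123456", "12345678", "qwerty", "abc123", "monkey",
    "1234567", "letmein", "trustno1", "dragon", "baseball", "111111",
    "iloveyou", "master", "sunshine", "ashley", "bailey", "passw0rd",
    "shadow", "123123", "654321", "superman", "qazwsx", "michael",
    "football",
}

# Assumed policy values: the post recommends a minimum length and required
# special characters but does not give numbers.
MIN_LENGTH = 12
SPECIALS = re.compile(r"[^A-Za-z0-9]")
# Assumed table of common character swaps (0 for o, @ for a, and so on).
SWAPS = str.maketrans("013457@$", "oleastas")


def normalize(word):
    """Lowercase, drop trailing digits/symbols, then undo character swaps."""
    stem = re.sub(r"[^a-z]+$", "", word.lower())
    return stem.translate(SWAPS)


# Exact entries plus their normalized stems (empty stems are discarded).
BLOCKED = WORST_2011 | ({normalize(w) for w in WORST_2011} - {""})


def check_password(user_id, candidate):
    """Return a list of policy violations; an empty list means accepted."""
    problems = []
    lowered = candidate.lower()
    if len(candidate) < MIN_LENGTH:
        problems.append("too short")
    if not SPECIALS.search(candidate):
        problems.append("no special character")
    if lowered in BLOCKED or normalize(candidate) in BLOCKED:
        problems.append("common password")
    if user_id and user_id.lower() in lowered:
        problems.append("contains user ID")
    return problems
```

A password such as Passw0rd2011!!! satisfies the length and special-character rules on its own, which is why the blocklist comparison runs on the normalized form as well as the exact string.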

 

NP:  Hi Lili, Hi Lo, Bill Evans, jazz24.org
