My friend Steve Lorenzo over at http://tipsandtricks.im just compiled a report, Top 500 Most Common Passwords Used Online, and he’s giving it away for the asking. The subject has certainly been around for a while, but every now and again it’s a good idea to revisit it.
In the 33-page report, Steve covers a lot of ground starting with phishing attacks on MySpace from a few years back and the most recent phishing attempts on Skype (which I also wrote about last month: Skype Phishing Attempts and Account Hacking – Part 1, and Skype Phishing Attempts and Account Hacking – Part 2).
If you are using any of the passwords on the lists presented in the report, you should change them immediately and then make sure that you don’t use the same username and password combination more than once on any site that matters. I confess that I have the same username/password combination on a few sites, but they are nothing important and I don’t use those combinations anywhere else. So, if a cracker manages to get one of those, he’ll waste time trying to make it work on my email accounts, bank accounts, etc.
Further recommendations from the report:
- Never use the same username / password combination twice
- Always use the strongest possible passwords we may come up with
  - Not dictionary words
  - Not our pet’s name
  - Or our Mother-in-Law’s
  - Neither the latest basketball or rock star’s name
  - Nor the latest trends in gaming
  - Finally, not even the coolest 4 letter word you just learned…
Again, this is a great reason to use a password manager to generate and store secure passwords. Steve likes RoboForm; as you know, I recommend LastPass. There’s a plethora of them out there; at last count, I was able to locate no fewer than 22 of them and with that many, there’s surely something for everyone.
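The report's recommendations above (no reused username/password combinations, nothing from a common list or a personal name) can be checked over a password-manager export. The following is an added example, not code from the report or from any password manager; the word list, the `personal` terms and the sample entries are constructed, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed stand-in list; the report's 500 entries are not reproduced here.
COMMON = {"password", "123456", "qwerty", "letmein", "dragon"}
# Undo the usual character swaps: 0->o, 1->i, 3->e, 4->a, 5->s, 7->t, @->a, $->s.
LEET = str.maketrans("013457@$", "oieastas")

def normalise(password):
    """Lower-case, drop trailing digits/punctuation, then undo character swaps."""
    stem = re.sub(r"[\d!?.*#_\-]+$", "", password.lower())
    return stem.translate(LEET)

def audit(entries, personal=()):
    """entries: (site, username, password) tuples. Returns (reused, weak)."""
    banned = COMMON | {p.lower() for p in personal}
    by_combo = defaultdict(list)
    weak = {}
    for site, user, pw in entries:
        # Assumption: usernames compare case-insensitively, passwords exactly.
        by_combo[(user.lower(), pw)].append(site)
        if pw.lower() in banned:
            weak[site] = "listed"      # the password is a banned word as typed
        elif normalise(pw) in banned:
            weak[site] = "variant"     # a banned word with swaps or a suffix
    reused = sorted(sorted(s) for s in by_combo.values() if len(s) > 1)
    return reused, weak

# Constructed sample export; sites, usernames and passwords are made up.
SAMPLE = [
    ("mail.example", "alice", "P@ssw0rd1"),
    ("bank.example", "alice", "vT9#kq2LmZ!x7Rw"),
    ("forum.example", "alice", "Rex2024!"),
    ("shop.example", "Alice", "Rex2024!"),
    ("wiki.example", "alice", "123456"),
]

if __name__ == "__main__":
    reused, weak = audit(SAMPLE, personal={"rex"})  # "rex" stands in for a pet's name
    for sites in reused:
        print("same username/password on:", ", ".join(sites))
    for site, why in weak.items():
        print(f"{site}: weak ({why})")
```

Character swaps and a trailing year do not rescue a listed word, which is why the check compares the normalised form as well as the password as typed.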