Ever since the dawn of the personal computer age, users have had to create, remember and type in a password to do at least something with the machine in front of them. Because most of us already have plenty of other things to think about and remember, those passwords were often almost ludicrously simple, like “password” or “1234” or … you get the idea.
Some 30 years later, a lot of us do the same thing, even though we should know better by now. More than 37 million records were exposed in data breaches last year in the United States. That number represents records stolen from the business and government sector, and by an estimate from security application provider SplashData, includes more than 5 million individual password records.
There were plenty of examples of poor password choice to pick from last year, but the break-in at the Democratic National Committee was probably the poster child. An easily breakable password used by Hillary Clinton’s campaign manager John Podesta led to a hacking attack against the group’s systems that resulted in the loss of thousands of passwords and hundreds of thousands of emails.
The loss of billions of online credentials (usernames and passwords) in 2016 has led to an increase in a hacking attack known as credential stuffing, where credentials stolen from one website are gathered into a massive file that then enters the credentials one at a time into a different website’s login screen. Hackers’ success rates are barely 2%, but it doesn’t have to be very high — from a million stolen credentials, 20,000 accounts could be compromised.
What to do? Last October we looked at how to guard against identity theft. Near the top of the list is a recommendation to create strong passwords. Similarly, if you purchase a new device that is network connectable (the so-called Internet of Things), it is critical to change the default password that comes pre-installed.
And if you want those passwords to be hard for thieves to figure out, don’t use one of these, the 10 worst passwords of 2016:
- 123456
- password
- 123435
- 12345678
- football
- qwerty
- 1234567890
- 1234567
- princess
- 1234
Security website Darkreading has more details and an additional 15 passwords you should avoid.
Take This Retirement Quiz To Get Matched With A Financial Advisor (Sponsored)
Take the quiz below to get matched with a financial advisor today.
Each advisor has been vetted by SmartAsset and is held to a fiduciary standard to act in your best interests.
Here’s how it works:
1. Answer SmartAsset advisor match quiz
2. Review your pre-screened matches at your leisure. Check out the advisors’ profiles.
3. Speak with advisors at no cost to you. Have an introductory call on the phone or introduction in person and choose whom to work with in the future
Take the retirement quiz right here.
Thank you for reading! Have some feedback for us?
Contact the 24/7 Wall St. editorial team.
Editors' Picks
