Your Password is More Common Than You Think: Here’s Proof

Bad news. Hackers probably already have your password. Considering 50% of people haven’t changed their passwords in over a year, and more than 10% are using one of the most commonly used passwords, the odds aren’t exactly in your favor. While you may think your password doesn’t matter, it does. And it’s probably much more common and easy to crack than you think. Here’s proof that updating your password the right way is definitely worth 30 seconds of your day.

While we know that over 143 million people have had their Social Security numbers, birth dates, address histories, legal names and, in some cases, driver license numbers exposed by the recent Equifax security breach, we don’t currently have a way to tell if these were all new cases or not. Considering that just last year 4.2 billion personal records were compromised, and Yahoo! lost more than 1 billion user accounts, this threat doesn’t seem to be slowing.  This forces consumers to change how they see their sensitive information. It’s critical that you monitor what you’re sharing on social media, and keep a tight lock on your private accounts. A solid way to do this? Update your passwords regularly (even though yes, it can be a pain). 

Each year SlashData releases their list of the most commonly (aka worst) passwords used in the U.S. And while we would hope that users understand the severity of complications that can come from easily-hacked accounts, there are still repeated passwords on their lists each year.

SplashData reports that, “Just over 10% of people use at least one of the 25 worst passwords on this year’s list, with nearly 4% of people using the worst password, 123456.”

This tells us that users are simply not concerned with protecting their accounts. However, they really should be. With the recent releases from Equifax and past breaches from large corporations like Yahoo! and Target, you really can’t be too safe. Changing your password is an easy way to protect yourself. It can take a password hacking bot only seconds to guess thousands of possible entrees to an account. One of the best ways you can protect yourself is by not using one of the 15 choices listed below.

Most Common Passwords of 2016

1.      123456
2.      password
3.      12345
4.      12345678
5.      football
6.      qwerty
7.      zaq1zaq1
8.      1234567
9.      princess
10.    1234
11.     login
12.    welcome
13.    solo
14.    abc123
15.    admin

You’ll see some obvious offenders, like the number sequences, but some are a little more out there like “zaq1zaq1”. This is a pattern on the keyboard, which means those should be avoided too. Other passwords that don’t appear on this list but should be avoided? First or last names, or names of streets. Really anything that could be found in your account or easily looked up online.

Don’t

• previously employed passwords or variations of them 
• proper names
• words from the dictionary
• common character sequences such as “123456”
• personal details such as variations of your name, your spouse’s name, birth dates

Do

• create passwords that are at least 10 characters, but 13 characters is even better
• use at least three of: alphabetic, mixed case, numeric/punctuation characters when creating a new password 
• vary the case of the letters in your password such as “Jo82n@1”
• use unique names that don’t appear in the dictionary

iOFFICE takes the security of our customer’s information seriously. In addition to the above recommendations, we have a few more suggestions for ensuring your passwords stay safe and secure. These are standard requirements when creating a password within our software, but they can be applied to any and all passwords you use when doing business online:

• Should your display name include delimiters such as commas, periods, dashes or hyphens, underscores, spaces, pound signs, or tabs, split them up. 
• Your password should contain characters from three of the following categories:
  • Letters of European languages (A through Z, with diacritic marks, Greek and Cyrillic characters)
  • Lowercase letters of European languages (a through z, sharp-s, with diacritic marks, Greek and Cyrillic characters) 
  • Base 10 digits (0 through 9)
  • Non-alphanumeric characters (special characters) (for example, !, $, #, %)
  • Any Unicode character that is categorized as an alphabetic character but is not uppercase or lowercase. This includes Unicode characters from Asian languages.
• We recommend that you use a password storage application like, LastPass, which keeps your information secure and comes in handy if you tend to be forgetful with those complicated passwords you keep creating.

Until all of our devices and logins are equipped with face-recognition or fingerprint identification technology, we will have to settle for using old-fashioned passwords to keep our online information secure. Don’t run the risk of falling into one of those 4.2 billion personal accounts. Do your privacy a favor, and update your passwords properly every three months. It’s 30 seconds spent that could potentially give you back days of work, and countless time worrying.