Would you believe three of the most commonly used passwords are “123456,” “password,” and “iloveyou”?
I logged into Gmail recently and was pleasantly surprised to read this screen pop at the top of the screen:
“Thousands of online accounts are hijacked every day. If you re-use your Gmail password at other websites, change it now.”
Many people use the same password on multiple sites. If you think about all the different sites that require you to create a user name and password to use the site’s services, consider that each of those sites employs varying degrees of network security. Less sophisticated sites may even store your password in their database as unencrypted text! And if their network is hacked, and a hacker discovers your password, they may attempt to use it on sites like Facebook, AOL, Yahoo, and Google to see if it works. If you’ve used the same password everywhere, well, bad people now have access to a lot of personal data. I don’t think it’s an exaggeration to say that many identity theft cases begin with a simple password hack.
So change and diversify your weak password! Or someone else will.
I’m by no means an expert on digital security or passwords for that matter. But I have found good resources that have helped me become more sophisticated in my use of passwords.
- There are a lot of tools available to help you avoid having to remember different passwords for all those sites. I use LastPass, and there are other similar trustworthy services worth looking into.
- Here’s a good, eye-opening read on password hacking from John P. at One Man’s Blog: How I’d Hack Your Weak Passwords.
- Clearly I’ve developed a fascination with passwords. I listen often to a podcast called Security Now where hosts Steve Gibson and Leo Laporte discuss topics related to internet, cyber, digital, and network security. Passwords come up often. In fact, Steve Gibson has his own fascination with passwords. Unlike my fascination, however, his has the potential to help people be safer online. You know, because he’s like a computer science genius and all, and I’m not. Anyway, he created a fun tool called Password Haystacks which analyzes the time required to hack a given password, assuming certain variables. For example, 123456 is hacked in under 20 minutes if the hacker is using an exhaustive key search, or brute force technique. Play around with Password Haystacks and see how your password (or hopefully passwords) stack up!
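
An added example (not from the original post, and not Password Haystacks' own code) of the kind of exhaustive-search estimate described in the last item. The alphabet sizes (26 lowercase, 26 uppercase, 10 digits, 33 symbols) and the guess rates are assumptions made here; with the assumed 1,000 guesses per second, "123456" comes out at about 18.5 minutes, in line with the "under 20 minutes" figure above.

```python
import string

# Character classes an exhaustive search has to cover (ASCII only).
# Assumption: 33 symbols = the 32 ASCII punctuation characters plus space.
CLASSES = {
    "lower": set(string.ascii_lowercase),
    "upper": set(string.ascii_uppercase),
    "digit": set(string.digits),
    "symbol": set(string.punctuation + " "),
}

# Assumed guess rates in guesses per second (illustrative values).
RATES = {
    "online, throttled": 1e3,
    "offline, fast hardware": 1e11,
}


def alphabet_size(password):
    """Sum the sizes of every character class the password draws from."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))


def search_space(password):
    """Count all candidates of length 1..len(password) over that alphabet."""
    n = alphabet_size(password)
    return sum(n ** k for k in range(1, len(password) + 1))


def seconds_to_exhaust(password, guesses_per_second):
    """Worst-case time for a brute-force search to try every candidate."""
    return search_space(password) / guesses_per_second


if __name__ == "__main__":
    # Constructed sample passwords: two from the post plus one mixed-class one.
    for pw in ["123456", "iloveyou", "Tr0ub4dor&3"]:
        print(f"{pw!r}: alphabet={alphabet_size(pw)}, "
              f"space={search_space(pw):.3e}")
        for label, rate in RATES.items():
            minutes = seconds_to_exhaust(pw, rate) / 60
            print(f"    {label}: {minutes:.3g} minutes")
```

Exhaustive search is only the upper bound on attacker effort: a password that appears on common-password lists, such as the three named at the top of this post, falls to a dictionary guess long before the search space is exhausted.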