The Most Popular Passwords of 2018 Are an Embarrassment

Passwords have become an integral part of our lives, and we probably don't even think much about it when we have to make new ones. However, just like with anything else in the world, there are good passwords and bad passwords. Although we cannot reuse good passwords, bad passwords can always teach us how to improve our safety online. This is exactly what we will cover in this blog post. We will go through a list of the worst passwords out there, and then we will tell you what is considered a strong password.

The Worst Passwords by SplashData

A few weeks back, SplashData released a list of the worst passwords in 2018. SplashData is a software company that specializes in creating and providing security software for mobile professionals, business and enterprise customers. Therefore, the company gets a hand on millions of passwords every year. As a result, it can compile lists of terrible passwords that later on make the news, give us a few good laughs, and literally educate us on cybersecurity.

So before we go through the qualities of a good password, let's take a look at the list of the worst passwords. Here are the top 20:

  1. 123456
  2. Password
  3. 123456789
  4. 12345678
  5. 12345
  6. 111111
  7. 1234567
  8. Sunshine
  9. Qwerty
  10. Iloveyou
  11. Princess
  12. Admin
  13. Welcome
  14. 666666
  15. abc123
  16. football
  17. 123123
  18. Monkey
  19. 654321
  20. !@#$%^&*

It is not too surprising that passwords with numerals basically dominate the top 10. Such passwords are really easy to remember and create, but then we can also see that they can be extremely easy to guess. Seeing how "123456" is probably the most common bad password out there, we can assume that sometimes hackers do not even need to use brute force to crack down a password. They can try simple number sequences and voila: they are inside the system.

What's more, at first glance, the password that landed on No. 20 – "!@#$%^&*" – might look like a decent one. Sure it has only the special symbols, but who would ever guess the combination? Well, you can only say so if you are not too familiar with the keyboard because the special symbols in that password go in the same sequence as the keys are laid out on the keyboard right above the letter rows. So technically, it only looks like a good password. The reality is that it can be extremely easy to guess as well.

Although the top 20 of the worst passwords do not have actual names on the list, SplashData has added several name passwords into the overall top 100. Surprisingly (or maybe, not so much) at No. 23 came in "donald," which can only be a reference to the current president of the United States. It is more than clear that using popular names for passwords is a bad idea, but it is also interesting how the main annual issues can reflect on something simple as the most used passwords.

What Is Considered a Strong Password?

Now that we have given you a glimpse of the worst passwords of 2018, let's talk more about what constitutes a good password. As you can probably tell from the worst passwords list, there are certain dos and don'ts when it comes to creating a new password. For one, we can already see that we cannot use actual words that are easy to guess. Next, we cannot use numerals in common sequences, and we most definitively cannot exploit our keyboard's layout to make easy-to-guess passwords. So where does that lead us to?

In order to create a good password, we have to consider several factors. Namely: complexity, length, and uniqueness. Let's break it down those features one by one.

If you want to have a strong password, it has to be complex, and have all sorts of different characters. In other words, it is strongly recommended to use alphanumeric characters for your password, along with the special characters. By alphanumeric, we mean that you have to have both numerals and letters in your password, and it would also be great if the letters were capitalized at random.

Next, a good password is long. Although most of the services require your password to be at least 8-character long, you will find experts that say a good password cannot be shorter than 14 characters. So from that, we can see that our passwords should be especially long. And the length is closely connected with the other feature, which is uniqueness. The point is that the longer the password is, the harder it is to memorize. And so users are bound to use actual words for long passwords, making them easier to remember.

The problem is that using actual words for passwords is not a good idea. It will not be a good password, and its uniqueness will suffer. A good password is a random sequence that is especially hard to guess. So, for example, "JohnMitchell_92" would be a pretty awful password, whereas "Whnf70_*fHwg$l" would definitely be a stronger one. We totally agree that the former is easier to memorize than the latter, but who says you have to memorize them all?

How to Generate and Store Good Passwords

Needless to say, it is very tiresome and burdensome to come up with good passwords all the time. But you don't have to do it. You can relegate this task for Cyclonis Password Manager. This tool comes free of charge, and it comes with a Password Generator that will create unique passwords for your every account. You can choose how long and complex you want them to be, and then you can even store them in the password manager's vault. To put it simply, you will not have to memorize them or keep them jotted down on a piece of paper.

What's more, if you use Cyclonis Password Manager Browser extension, the tool will automatically fill in all your passwords right when you try to access your accounts. Of course, you need to tweak the manager's settings first, allowing it to do so, but it is easy to see that you would clearly be winning here. A password manager would help you create good passwords, store them, and save you time whenever you log in to your accounts online. When it comes to passwords, that's the smartest move you can make today!

January 10, 2019

Leave a Reply