The Password Problem and How People Can Solve It
Every year, security specialists analyze mountains of leaked data and put together a list of the worst passwords people use. For years, '123456' has been at the top of the list, followed by other ugly entries like 'password' and 'qwerty'. It's a terrifying sight.
But before we all start pulling our hair out, let's consider one more thing. To compile the Worst Passwords lists, experts go through data dumps that are stolen from badly secured websites and leaked on public forums. It's rarely clear where the data comes from exactly, which is actually a very important detail.
Despite what the lists suggest, some users aren't that careless. They know that if they choose "123456" as a password for an online forum account, the worst that could happen is a hacker chiming into the discussion with bad advice. That's not what the hackers are after, and users know it.
Hackers are after money, which is why when people who care about their data create their online banking accounts, they use something much more complex than "123456". Not to mention that most banks won't even let you use "123456" as your password (TIP: if your bank allows it, your password isn't the only thing you might want to consider changing).
Since the origin of the data in the Worst Passwords lists is unknown, we can't really say how many of these passwords were used to protect banking accounts and how many were safeguarding online forum profiles. In other words, these lists can't give us a 100% clear insight into people's password management habits.
Now that we mentioned this, it's time to start pulling our hair out because although some users carefully consider their threat model when creating online accounts, the problem of passwords is still massive.
Many people forget, for example, that their email account can be used for resetting the passwords to all their online profiles. They don't use their email that much and protect it with an easy-to-remember, simple password, overlooking the fact that this could have dire consequences.
Then there's the problem of password reuse. Some people are determined to stop hackers in their tracks, and they create one strong, complex password, which, they think, is impossible to guess. Then, they happily use it for all their online accounts, thinking that they're well protected.
One of the websites they've signed up for, however, stores passwords in plain text in a database that's exposed to the Internet. A hacker finds them, tries the same username and password combination against other websites, and the login attempts are successful.
The upshot is, users really aren't very good with passwords, but we shouldn't blame them for this. They just need their numerous online accounts but creating passwords that are both complex and unique for all of them is a lot of hard work. And remembering all these passwords is nigh on impossible. If they rely on themselves, the only option they have is to use or reuse passwords that aren't strong enough.
If they let Cyclonis Password Manager take care of their passwords, however, things are a little bit different.
Cyclonis Password Manager puts all the logins you decide to save with it in one place – your vault – and it also encrypts them to make sure that only you can access them. The key to your vault is your master password – the only password you'll need to remember. If you wish, you can store your data in your Dropbox, Google Drive, iCloud, or OneDrive account and sync it across all your devices.
The Password Analyzer will tell you if you're using and reusing old and weak passwords, and it will also warn you if some of your passwords might have been leaked. With the password generator, you'll be able to create strong, unique passwords for both new and existing accounts.
Cyclonis Password Manager is a convenient way of following the best password practices, and with its intuitive interface, it's very easy to use. Last but not least, it won't burn a hole in your pocket. Cyclonis Password Manager is free.