The Definition of “Password”…by dStringer

PASSWORD

a secret word or phrase that must be used to gain admission to something.
  • a string of characters that allows access to a computer, interface, or system.

 

It's just obvious that one of the main focuses of an I.T. company is cyber security.  And one of the biggest components that helps to ensure cyber security is a substantially intricate, therefore "secure" password.  This is a subject of such importance; therefore, I have flooded social media with many, many informative posts...an issue where I have blogged many times.  To me, it is common sense.  A complicated password to a cyber criminal is like a house full of impregnable locks to a burglar...the more difficult it is to gain access, the greater the chances that the "bad guy" will move on to an easier target...RIGHT?

Clearly, I am not the only one who has discussed and publicized this subject.  Anytime  there is news of the latest hacking, the matter of passwords...and the importance of creating an impenetrable one is analyzed as well.

So...imagine my surprise when a friend of mine forwarded this article to me...

The 25 Most Popular Passwords of 2015...We're All Such Idiots...

It’s 2016 and you may have thought we’d all be a little older and wiser than this time last year. But as you read this list of 2015's most popular passwords, you will shake your head, mumble unmentionables and reach the firm conclusion that, no, we are in fact all still complete and utter morons.

Every year, SplashData compiles a list of the millions of stolen passwords made public throughout the last twelve months, then sorts them in order of popularity. This year the results, based on a total of over 2 million leaked passwords, are not the list of random alpha-numeric characters you might hope for. Rather, they’re a lesson in exactly how not to choose a password.

Yes, “123456” and “password” remain bewilderingly popular.

 

But anyway, without further ado, here’s the list, direct from Splash Data. Brace yourselves.

1. 123456 (Unchanged)

2. password (Unchanged)

3. 12345678 (Up 1)

4. qwerty (Up 1)

5. 12345 (Down 2)

6. 123456789 (Unchanged)

7. football (Up 3)

8. 1234 (Down 1)

9. 1234567 (Up 2)

10. baseball (Down 2)

11. welcome (New)

12. 1234567890 (New)

13. abc123 (Up 1)

14. 111111 (Up 1)

15. 1qaz2wsx (New)

16. dragon (Down 7)

17. master (Up 2)

18. monkey (Down 6)

19. letmein (Down 6)

20. login (New)

21. princess (New)

22. qwertyuiop (New)

23. solo (New)

24. passw0rd (New)

25. starwars (New)

There are some interesting trends, if you can get beyond the sheer stupidity for a moment. Sports-based passwords are still popular, with “football” and “baseball” both ranking highly, and so are those inspired by a certain blockbuster film, with “starwars” and “solo” making an appearance.

It’s also nice to see the return of “princess,” which dropped out of the Top 25 last year but has made a resurgence, also potentially due to Star Wars. Elsewhere, other new entries—including “welcome,” “login” and “passw0rd”—are just as hackable but far more amusingly dumb.

You can check out the lists from 2013 and 2014 if you don’t hate humanity and the internet enough already.

Now is the point at which we should provide some advice about how to create a strong password. But here’s the best piece of advice we have: let’s all stop being such *%%**##%*idiots.

~Jamie Condliffe~

 

Oh my goodness...You could have "knocked me over with a feather" as they say.  Truly.

The last paragraph of the above article mentions providing advice about how to create a strong password...and the article's author suggests that the best advice is to stop being "idiots".  And while that is very good advice, it's painfully obvious we kind of don't know how to do that when it comes to creating a password. I can't tell you how many people I know who used their social security number as their passwords!!  That is, until I talked  them out of it!   I don't think it's stupidity, really.  I'd like to think that it is more the "It won't happen to me" syndrome that allows us to continue to throw common sense out the window, not just with this specific situation, but in many circumstances. Either way, we REALLY have to stop and think about how vulnerable we are allowing ourselves to be.

Here is an interesting fact...MOST cases of stolen information occur by the hacker guessing the victim’s password. And if an identity thief gets his hands on your password, he instantly gains access to your phone messages, email, bank account information, credit card information, social security numbers, and all the other information the angel on our shoulder tells us to keep private.

Therefore, along with "using our noggins", here is some practical advice on how to create a strong password...

  • A good password is:
    • 7 or more characters long.
    • Not easy to spot while typing (unlike a keyboard run such as “asdfjkl;”), yet quick to type (keep an eye out for those over-the-shoulder snoopers).
    • A combination of upper and lower case letters, as well as numbers, punctuation marks, and symbols.
  • Try:
    • Using the first letter of a phrase that has an important meaning to you. “Yankee Doodle went to London riding on a pony” would be “ydwtlroap”. Don’t forget to add a few numbers and symbols to that phrase!
    • Intentionally misspelling a word or phrase. Use “Dankee Yoodle” instead of “Yankee Doodle”.
    • Changing your password at least every 90 days. (Make sure to NEVER reuse old passwords!)
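
The rules above, written out as a small checker that also screens a candidate against the 25 passwords listed earlier in this post. This is an added example, not code from the original post; the function name `check_password`, the US keyboard layout and the look-alike substitution table are assumptions made for illustration.

```python
import string

# The 25 passwords from the SplashData list quoted in this post.
COMMON = {
    "123456", "password", "12345678", "qwerty", "12345", "123456789",
    "football", "1234", "1234567", "baseball", "welcome", "1234567890",
    "abc123", "111111", "1qaz2wsx", "dragon", "master", "monkey",
    "letmein", "login", "princess", "qwertyuiop", "solo", "passw0rd",
    "starwars",
}
# Keyboard rows (US layout assumed). A password drawn from a single row,
# like "asdfjkl;", is easy for an onlooker to follow. This is a heuristic.
ROWS = ("1234567890", "qwertyuiop", "asdfghjkl;'", "zxcvbnm,./")
# Undo common look-alike substitutions so "P@ssw0rd" is still recognised.
DELEET = str.maketrans("01345$@", "oieassa")
# The four character classes the advice asks for.
CLASSES = {
    "upper": string.ascii_uppercase,
    "lower": string.ascii_lowercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}

def check_password(pw):
    """Return a list of problems; an empty list means every rule passed."""
    problems = []
    low = pw.lower()
    if len(pw) < 7:
        problems.append("too short")
    # Compare both the raw and the de-substituted form against the list.
    if low in COMMON or low.translate(DELEET) in COMMON:
        problems.append("common password")
    if pw and any(set(low) <= set(row) for row in ROWS):
        problems.append("single keyboard row")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in pw):
            problems.append("missing " + name)
    return problems

if __name__ == "__main__":
    # Constructed sample inputs, including the phrase-initials example above.
    for candidate in ("123456", "P@ssw0rd", "asdfjkl;", "ydwtlroap", "Ydwtlroap!47"):
        print(candidate, "->", check_password(candidate) or "ok")
```

Note that “P@ssw0rd” satisfies the length and character-mix rules yet is still flagged, and that the bare phrase initials “ydwtlroap” fail until a capital, numbers and symbols are added.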

And once you create this secure password, never EVER write it down. Anywhere!!!

I know you're thinking, "WHAT?  Don't write them down?  How in the heck will I remember all of them without writing them down?"

One clever, but tedious way is to change your password every time you log on.  Frequently changing your password definitely keeps cyber criminals at bay, as suggested above.

Another is to create an e-mail account that's linked to just your most sensitive online accounts -- financial accounts, namely -- and don't use it for anything else. The fewer ways that criminals can link your various accounts to build a profile of you, the better. Having a separate e-mail account makes it harder for criminals to connect the dots they need to crack security questions, like those that ask for your maiden name or your pet's name. So maybe they won't figure out that the Judy Smith whose banking password they just obtained is the same as the Judy Smith who lists her maiden name and pets' names in her Facebook profile.

BUT...PLEASE!  If you take nothing more from this article, revisit all of your passwords and double-check them for security strength.  The perceived hassle of creating new passwords is far outweighed by the hassle of becoming a victim of identity theft.

626-449-5549/alcalaconsulting.com