Can I guess your password?
Despite all the years of publicity regarding the importance of data security it seems as though many people are not taking it seriously enough. I have often found people’s passwords taped to the underside of their keyboard, and in one memorable case to the monitor.
A study by Data Security company, Imperva, found that one in five people are using an easy to guess password. In December last year an unknown hacker hacked a company that develops software for social networking sites and downloaded 32 million passwords. Imperva was able to analyse this data, and its conclusions were startling. In the 1990s the most popular password was 12345. It appears it is now 123456, so it has been strengthened by the addition of the extra digit. Previously it has only been government agencies which have had access to this number of passwords and so it is unusual for this type of analysis to be in the public domain.
Some websites, when you open an account, advise you whether your password is ‘weak’ or ‘strong’, but many still allow you to go with the weak password. Others force passwords to be a minimum length, or to be a mix of characters and digits. However, too many accept a password without question. Part of the problem is the sheer number of passwords we have to use, and recall. The temptation is to chose something which is easily remembered. It has been suggested that on average we have to use ten times more passwords than we did ten years ago. Employers should be concerned, when employees are using the same password on their Facebook account, and other social network sites, as their work account – often a very weak password. The problem is compounded by Facebook being a rich vein for mining, containing the personal details often used for passwords, such as place of birth, middle name, partner’s name, favourite football team etc.
If you are interested it was found that the top ten most commonly-used passwords were found to be:
Click on the ‘Dilbert Logo’ at the top of this post to see the cartoon.