A recent study has shown that more than 25% of passwords used are made up of 6 characters or less which is totally inadequate to provide protection.
Ref: Web User magazine
Believe it or not, the study showed that these are the top 10 most commonly used passwords:
Ref: Web User magazine
Research has shown that around 16% of people use a first name as their password and the most commonly used name is “nicole” apparently.
It is highly recommended that you do not use real words that you can find in a dictionary or names for your passwords. Individual desktop computers can test anywhere between one million to fifteen million passwords per second against lower specification encrypted passwords hence running a basic dictionary password attack on a PC only needs a few seconds in most cases to crack these.
A weak password is an open invitation for profile-jacking, so make sure to use a fairly complicated one. Make it long, add symbols, alternate upper and lowercase letters, insert numbers, etc. Whatever you do, don‘t use the same password for all your social networking tools and other accounts. If your password is hacked, it is a fairly safe bet that the next thing the hacker will do is to try it on all your other accounts.
Increasing the number of possible symbols from which random passwords are chosen will increase the strength of generated passwords of any given length. For example, the printable characters in the ASCII character set (e.g. those on a standard English keyboard) include 26 letters (in two case variants), 10 digits, and 33 non-alphanumeric symbols (i.e., punctuation, grouping, etc.), giving you a total of 94 symbols to use (95 if you count space but this is generally not allowed). However, the same strength can also be achieved with a smaller number of symbols just by choosing a longer password.
Below is some sound advice on passwords from Microsoft.
Avoid creating passwords using the following:
- Dictionary words in any language.
- Words spelled backwards, common misspellings, and abbreviations.
- Sequences or repeated characters. Examples: 12345678, 222222, abcdefg, or adjacent letters on your keyboard (e.g. qwerty).
- Personal information. Your name, birthday, driver’s license, passport number, or similar information.
Test your password with a password checker.
A password checker evaluates your password’s strength automatically. Check the strength of your passwords with the Microsoft secure password checker.
Protect your passwords from prying eyes.
The easiest way to “remember” passwords is to write them down which is okay, but make sure you keep them secure.
See also the Microsoft tips on creating strong passwords.