
Are your passwords strong enough?

A recent study has shown that more than 25% of passwords in use are made up of 6 characters or fewer, which is totally inadequate to provide protection.

[Figure: password length statistics]

Ref: Web User magazine

Believe it or not, the study showed that these are the top 10 most commonly used passwords:

1. 123456
2. 12345
3. 123456789
4. password
5. iloveyou
6. princess
7. rockyou
8. 1234567
9. 12345678
10. abc123

Ref: Web User magazine

Research has shown that around 16% of people use a first name as their password, and the most commonly used name is apparently “nicole”.

It is highly recommended that you do not use names, or real words that can be found in a dictionary, for your passwords. Individual desktop computers can test between one million and fifteen million passwords per second against lower-specification encrypted passwords, so a basic dictionary attack run on a PC needs only a few seconds in most cases to crack them.

A weak password is an open invitation for profile-jacking, so make sure to use a fairly complicated one. Make it long, add symbols, alternate upper and lowercase letters, insert numbers, etc. Whatever you do, don't use the same password for all your social networking tools and other accounts. If your password is hacked, it is a fairly safe bet that the next thing the hacker will do is to try it on all your other accounts.

Increasing the number of possible symbols from which random passwords are chosen will increase the strength of generated passwords of any given length. For example, the printable characters in the ASCII character set (e.g. those on a standard English keyboard) include 26 letters (in two case variants), 10 digits, and 33 non-alphanumeric symbols (i.e., punctuation, grouping, etc.), giving you a total of 94 symbols to use (95 if you count space but this is generally not allowed). However, the same strength can also be achieved with a smaller number of symbols just by choosing a longer password.

Below is some sound advice on passwords from Microsoft.

Avoid creating passwords using the following:

  • Dictionary words in any language.
  • Words spelled backwards, common misspellings, and abbreviations.
  • Sequences or repeated characters. Examples: 12345678, 222222, abcdefg, or adjacent letters on your keyboard (e.g. qwerty).
  • Personal information. Your name, birthday, driver’s license, passport number, or similar information.

Test your password with a password checker.

A password checker evaluates your password’s strength automatically. Check the strength of your passwords with the Microsoft secure password checker.
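As an added example (not from the original article and not Microsoft's checker), here is a minimal check in Python that applies this page's own figures: the top 10 list, the 94-symbol set, the "sequences or repeated characters" rule and the fifteen million guesses per second rate. The keyboard rows, the four-character window, the 1000-bit cap and all function names are assumptions made for illustration.

```python
import math
import string

# Top 10 list quoted on this page (Ref: Web User magazine).
COMMON = {"123456", "12345", "123456789", "password", "iloveyou",
          "princess", "rockyou", "1234567", "12345678", "abc123"}
FAST_RATE = 15_000_000  # upper guess rate per second quoted on this page
# Assumed rows for the "sequences / adjacent keys" rule in the avoid list.
RUNS = ["abcdefghijklmnopqrstuvwxyz", "0123456789",
        "qwertyuiop", "asdfghjkl", "zxcvbnm"]
# Character classes: 26 + 26 + 10 + 32 = 94 symbols (space not counted).
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]

def alphabet_size(pw):
    """Symbol-set size implied by the character classes the password uses."""
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in pw))

def has_run(pw, n=4):
    """True if any n-character window is a sequence, keyboard run or repeat."""
    low = pw.lower()
    for i in range(len(low) - n + 1):
        w = low[i:i + n]
        if len(set(w)) == 1 or any(w in r or w[::-1] in r for r in RUNS):
            return True
    return False

def equivalent_length(length, from_size, to_size):
    """Length needed with to_size symbols to match length over from_size."""
    return math.ceil(length * math.log2(from_size) / math.log2(to_size))

def check(pw):
    """Return (problems, bits, seconds to try every candidate at FAST_RATE)."""
    problems = []
    if pw.lower() in COMMON:
        problems.append("in top-10 list")
    if len(pw) <= 6:
        problems.append("6 characters or less")
    if has_run(pw):
        problems.append("sequence or repeated characters")
    n = alphabet_size(pw)
    bits = len(pw) * math.log2(n) if n else 0.0
    # Cap the exponent (assumed limit) so very long inputs cannot overflow.
    return problems, bits, 2 ** min(bits, 1000) / FAST_RATE

if __name__ == "__main__":
    for sample in ["123456", "princess", "qwerty1!", "T7#vq9Lm@2xK"]:  # constructed
        print(sample, *check(sample))
    print("lowercase length matching 8 of 94:", equivalent_length(8, 94, 26))
```

The time figure is a brute-force ceiling only; a dictionary attack finds listed passwords and names far sooner, which is why the list check comes first.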

Protect your passwords from prying eyes.

The easiest way to “remember” passwords is to write them down, which is okay, but make sure you keep them secure.

See also the Microsoft tips on creating strong passwords.

Steve

Steve Wood owns and runs Scalar Enterprises based in Portsmouth in Hampshire. He offers a range of services including Web design, Internet marketing and search engine optimisation (SEO) to small businesses and SMEs in Hampshire and the surrounding areas.
