SplashData has published a list of the 25 worst passwords of 2014 in its annual ranking. One of the first rules to follow when you go online, and one of the simplest and most logical, is to choose a password appropriate to the sensitivity of the data held in a given account. The rule is as simple as it is undervalued, and ignoring it often makes the cyber criminal's work easier.
The simpler a password, the greater the chance that the account will be compromised, and when it comes to sensitive data such as e-mail or bank accounts, you had better pay close attention. In short, the password is not merely a formality to be dealt with as quickly as possible, but the access key to all our personal and private data.
To raise awareness of the issue, SplashData compiles an annual ranking of the worst passwords of the past twelve months, drawn from the most common ones. Among them we find commonly used words such as "baseball" and "football", names of teams, and even proper names. As has become tradition, number sequences occupy the top positions of the ranking. The list is below.
- 123456
- password
- 12345
- 12345678
- qwerty
- 234567890
- 1234
- baseball
- dragon
- football
- 1234567
- monkey
- letmein
- abc123
- 111111
- mustang
- access
- shadow
- master
- michael
- superman
- 696969
- 123123
- batman
- trustno1
The list is almost frightening when you consider the two scandals that marked the past year: celeb-gate, with hundreds of photos and videos of celebrities in racy poses and skimpy outfits (to put it mildly), and, not to forget, the Sony Pictures case, in which the company's executives had numerous e-mails stolen, containing sensitive content and information on films in the pipeline that had never been made official. That is also how we learned the first information on the Xperia Z4.
We take this opportunity to recall some basic rules for choosing a password: use different passwords for different services, relying on a password storage tool to keep track of them more easily. Also, to be more secure, the password should be made up of 14 characters, avoiding simple memory tricks such as including personal information. Moreover, passwords should (if the service supports it) combine uppercase letters, numbers and symbols in any order.
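The rules above can be turned into a check that a sign-up form runs before accepting a password. The following is an added example, not code from SplashData or from the original article; the function names, the `personal` parameter, the three-character minimum for personal strings and the keyboard-run detection (which goes beyond the 25 listed entries to catch similar sequences) are assumptions made for illustration.

```python
import re

# The 25 entries exactly as listed in this article.
WORST_2014 = {
    "123456", "password", "12345", "12345678", "qwerty",
    "234567890", "1234", "baseball", "dragon", "football",
    "1234567", "monkey", "letmein", "abc123", "111111",
    "mustang", "access", "shadow", "master", "michael",
    "superman", "696969", "123123", "batman", "trustno1",
}
MIN_LENGTH = 14  # length recommended in the article
# Assumption: sequences used to spot digit, alphabet and keyboard-row runs.
RUNS = ("0123456789", "abcdefghijklmnopqrstuvwxyz", "qwertyuiop", "asdfghjkl", "zxcvbnm")


def has_run(pw, n=5):
    """True if pw contains n consecutive characters of a run, forwards or backwards."""
    low = pw.lower()
    for run in RUNS:
        for seq in (run, run[::-1]):
            for i in range(len(seq) - n + 1):
                if seq[i:i + n] in low:
                    return True
    return False


def screen_password(pw, personal=()):
    """Return the reasons to reject pw; an empty list means it passes every rule."""
    low = pw.lower()
    problems = []
    if low in WORST_2014:  # case-insensitive, so "Password" is caught too
        problems.append("on the worst-passwords list")
    if len(pw) < MIN_LENGTH:
        problems.append("shorter than 14 characters")
    if not re.search(r"[A-Z]", pw):
        problems.append("no uppercase letter")
    if not re.search(r"\d", pw):
        problems.append("no digit")
    if not re.search(r"[^A-Za-z0-9]", pw):
        problems.append("no symbol")
    if len(set(low)) <= 2 or has_run(pw):
        problems.append("repeated characters or keyboard/number sequence")
    if any(len(p) >= 3 and p.lower() in low for p in personal):
        problems.append("contains personal information")
    return problems
```

A password that meets the length and character-class rules can still fail: `Xk7!qwerty2#LmPz` is rejected for its embedded keyboard run, and `Michael#1987!xQz` is rejected when the user's first name is passed in `personal`.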
Following the events of the last year, companies have introduced the most important criteria for two-factor authentication. Every time you want to log into a website that supports the feature, you must enter two passwords: the first is the usual one chosen by the user, and the second is sent by the service in a message to a mobile phone number. The second one changes every time you are prompted to log in, so the login cannot be completed unless you have physical possession of the owner's phone.
The system is extremely reliable, although, because it is cumbersome, many users do not consider it as a login option, even for services that hold extremely sensitive data.