Like them or hate them, passwords are a regular part of our everyday lives. We use them on an almost daily basis and have so many of them across the systems/web services we use.

How many people have the same password across two or more of these systems/web services?

SplashData has released its annual list of the worst passwords in use today (or as of the time of the survey), and it is already generating a lot of discussion about the list and how to set passwords.

Source: http://splashdata.com/blog/

The list of passwords can be found at: http://www.bbc.co.uk/newsbeat/article/35351265/star-wars-is-now-one-of-the-most-popular-passwords

123456 and password have remained in the number 1 and 2 positions for the past couple of years. Starwars has made the list as a new entry.

Part of the problem is that the systems registering and requesting passwords are not configured to allow long, complex passwords, and they accept simple passwords without checking them against an exceptions list. However, there are good systems that do.

Next time you set a password, there are a number of simple things to think about:

  • Complexity
  • Not easily guessed through social mining
  • Changed regularly

A good analysis of how to set a password comes from the xkcd comics:


Source: https://xkcd.com/936/

Time to reset your passwords if yours is on the list, and set a good habit of changing it at least every 30 days. Establish a strong password policy of uppercase alpha, lowercase alpha, numeric and special characters. Also choose a long password rather than a short one.
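
As an added example (not from the original post or from SplashData), here is a registration-time check that combines the character-class policy above with the exceptions list mentioned earlier. The 12-character minimum, the function names and the three-entry list are assumptions for illustration; a real system would load the full published list.

```python
import string

# Exceptions list: only the three entries named in the post (constructed sample).
DENYLIST = {"123456", "password", "starwars"}
MIN_LENGTH = 12  # assumed value; the post only says "long"
SPECIALS = string.punctuation  # ASCII special characters


def _core(password):
    """Lowercase the password and strip leading/trailing digits and symbols,
    so that decorated forms such as 'Starwars1!' reduce to 'starwars'."""
    return password.casefold().strip(string.digits + SPECIALS)


def check_password(password):
    """Return a list of policy violations; an empty list means accepted."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    classes = {
        "uppercase": any(c.isupper() for c in password),
        "lowercase": any(c.islower() for c in password),
        "numeric": any(c.isdigit() for c in password),
        "special": any(c in SPECIALS for c in password),
    }
    problems += [f"missing {name}" for name, ok in classes.items() if not ok]
    # Complexity rules alone accept 'Password123!'; the exceptions list,
    # checked on both the raw and the stripped form, is what rejects it.
    if password.casefold() in DENYLIST or _core(password) in DENYLIST:
        problems.append("on exceptions list")
    return problems


if __name__ == "__main__":
    for candidate in ("123456", "Starwars1!", "Password123!",
                      "Correct-Horse7-Battery"):
        result = check_password(candidate)
        print(f"{candidate!r}: {'accepted' if not result else ', '.join(result)}")
```

A password such as Password123! satisfies every length and character-class rule and is rejected only by the exceptions list, which is why a system needs both checks.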