Passwords. They are a necessary part of our lives, but we simply do not give them the attention they deserve. Just like exercise keeps us fit and healthy eating keeps us slim, so do strong passwords keep us safe. So why do we continue to neglect them?
Since we just had World Password Day on May 3 this year, the day we should all change our passwords, it seemed a good time to revisit the topic and see if we can’t up our game—and our level of security. So here’s the good news bad news on passwords in 2018…bad news first.
The bad news: We still use poor passwords
First, the bad news. We are still using poor passwords—as in really, really bad passwords. When SplashData published the worst passwords of 2017 list, they reported that almost 3% of us are still using 123456 as a password. Worse, almost 10% of us are using one of the 25 worst possible passwords, listed here:
- 123456
- Password
- 12345678
- qwerty
- 12345
- 123456789
- letmein
- 1234567
- football
- iloveyou
- admin
- welcome
- monkey
- login
- abc123
- starwars
- 123123
- dragon
- passw0rd
- master
- hello
- freedom
- whatever
- qazwsx
- trustno1
You can see a full list of the 100 worst passwords of 2017. And if you see your password on that list, change it!
The good news: An easy way to beef up your passwords
It’s not all bad news for World Password Day, however. Despite our tendency to choose poor passwords still, technology is making it easier for us to keep our information and data secure—should we choose to act on it.
This year at the World Password Day website, you’ll see a campaign for #LayerUp. Layering up simply means adding another “layer” of protection by requiring more than one step to access your data. Called either multi-factor authentication (MFA) or two-factor authentication (2FA), it’s a way to make your password require something else too, like a fingerprint or a code sent to your cellphone.
To try it out, I logged into my bank account online and sure enough found the setting to add the second layer right away. Now when I log in, I will need my password and a code sent to my cell phone. It took me less than a minute to do, and I’m glad I took the time. All you do is visit www.twofactorauth.org to find out if a website offers the extra layer, and many popular banking and social media websites do.
The World Password Day website still encourages a strong password (see password advice here), and we still encourage you to beef up those passwords a.s.a.p., but in addition to that, you can easily add this extra step or layer—and keep your information that much safer from those who would like to compromise it.
