Grace Information Management Blog

When it comes to password security, it is important to consider some simple things, and according to the security firm SplashData, users should avoid long strings of numbers, sports, children’s names and birthdates.

SplashData’s annual security report has named 123456 as the worst password of 2014, it is joined in the top 10 list of unsafe passwords by 12345, 12345678, 123456789 and 1234!

The security firm, which makes password management software and publishes the “worst passwords” list annually states that its list is based on hard data obtained from a list of 3.3 million leaked passwords last year.

In addition to the string of numbers, the top 10 list also includes the passwords: “password”, “qwerty”, “baseball”, “dragon” and “football”.

Although this data is obtained from leaks related to North America and Western Europe, we would be safe to assume that an Australian list could include passwords such as “cricket”, “rugby”, or “soccer”.

Additionally, other passwords that prove weak are those based on simple keyboard patterns for both desktop and mobile devices. Close attention should also be paid to selecting passwords that do not contain personal details such as favourite sports, and the names or birthdates of family members.

Using personal information is an ideal way for people to remember passwords, however most personal information is easily accessible to cybercriminals that target individuals and/or businesses.

Weak passwords also put security in further jeopardy as most are used across multiple platforms by the same user, allowing access to a multitude of diverse information to hackers. Using weak passwords for email services has also been pointed out as a dangerous practice, for it could open the door for criminals to access other login and personal information.

So while passwords such as “superman” (21 in the rankings list) may be a popular choice amongst users, they are shown to be easily cracked and could prove to be both costly and dangerous for business.

Grace Information & Records Management recommends that passwords be made as complex as possible through the combination of upper and lowercase letters, numbers and where possible characters to form a tough to access secret code.