In the 2015 edition of its annual worst passwords list, password management company SplashData revealed the 25 most common (and most easily compromised) passwords for the year. Based on an analysis of more than 2 million passwords revealed through searches of publicly available plain text data dumps, the report found that the Internet public is still clinging to its bad password habits.
Same Story, Same Verse
Internet denizens have taken at least some best password practices to heart, as they’ve clearly heard the message that longer passwords are safer. Unfortunately, it seems that most users have misunderstood the lesson, as the most common method to “fix” weak passwords is simply appending additional digits at the end of the pattern, explaining the spot held by “1234567890” at number 12 on the list.
Signs of Hope
Still, the rampant use of extremely obvious passwords shows that we still face a pressing need to push the spread of alternatives to using bad passwords. The lesson that Internet security is itself important seems not to have taken hold, even despite the mounting numbers of headlines about yet another data breach.
Ultimately, the takeaway seems to be that, while Internet users are aware that their passwords play an important role in their own online security, they still don’t grasp how to do so effectively. And really, who can blame them? In a world where the best security advice is that you’re supposed to remember dozens of separate (and complex) passwords, is it any surprise that so many choose to rely on one or two very simple passwords instead?
It seems that the best solution remains the use of password management software, and that we should move away from password-based authentication entirely, whenever possible.
Contact Garland Heart today to learn more about how your organization can increase its password security compliance and boost the effectiveness of your risk management solutions.