|
Why are passwords important?
Passwords are the keys that open the locks on our various accounts. Internet service, email accounts, web hosting control panels and our own corner of popular websites. They all require us to enter our username and password.
If your account username and password that you use on our servers is compromised, that also means our servers and entire network is at risk along with you. Our goal is to help you rest easy while also protecting the assets that run our network.
You may not know whether your passwords are strong or weak. Here's a little background information about the importance of passwords along with some real-world examples of how easily they can be exploited.
What kind of passwords do people use?
The most common passwords:
1. 123456, 123, 123123, 01234, 2468, 987654, etc
2. 123abc, abc123, 246abc
3. First Name
4. Favorite Band
5. Favorite Song
6. first letter of given name then surname, i.e. asmith or tmartin
7. qwerty, asdf, and other adjacent keys on the keyboard
8. Favorite cartoon or movie character
9. Favorite sport, or sports star
10. Country of origin
11. City of origin
12. All numbers
13. Some word in the dictionary
14. Combining 2 dictionary words, i.e. henpecked or mykids
15. any of the above spelled backwards
16. aaa, eee, llll, 999999, and other repeat combinations
Some sites force you to have passwords with both numbers and letters. For example, Bob's password is football and the site asks him to add some numbers to it to make it valid. Here's what people typically add:
1. Dates: Year of birth or marriage or graduation or expected graduation from high school or college
2. 007
3. 0 - 9
4. 69
5. 000, 111, 4444 or other long combinations
6. 123456, 123, 123123, 01234 and other too-simple combinations
Often, years are added in different and predictable ways:
football85, football1985, football04 instead of football4. There's also the possibility of sub-addons like football_04 and football-84. Many sites require both numbers and letters so these are more likely to occur since people have a tendency to use the same password for everything.
What are the most common passwords that people actually use?
A recent analysis of 116,782 compromised passwords from singles.org, phpBB and MySpace and another 10,000 passwords from Microsoft, Google and Yahoo revealed the top password in use is … 123456 … followed by … password … 123456789 … qwerty … 111111 … iloveyou … qwerty … password1 … and abc123. All of these and thousands more are already in every spammer's dictionary.
Who wants my password, anyway?
Spammers want your username and password to access your email account and, even better, the server where your email account is located. Access to your email account makes sending SPAM easy. They just login to WebMail using your username and password, alter your account and begin composing and sending messages. While it's an intruder who is using your account, it is seldom detected because the username and password belong to a valid, authorized user. This sort of exploitation can go undetected for months or even years.
What should a GOOD password look like?
There are a few trade-offs in selecting a password, but the following rules will help you select a GOOD password:
No plain English dictionary words, spelled forward OR backward
No repeating characters, use each only once
No alphabetically adjacent characters gh, mn, TU, 78
Use UPPERCASE AEORTIUHQ
Use lowercase adfgkjhqbjn
Use numbers: 1 2 3 4 5 6 7 8 9 0
Use symbols on your keyboard: @ # $ % & / ? _ + = !
It might look something like this: Ha!4=Ng#7
One popular line of thinking is to come up with a really nasty password of 12-15 characters, memorize it and use it for everything. This works so long as it's not stolen.
How good is my password?
Let's find out! Use our password strength analyzer. You enter your password and it tells you how strong - or weak - the password you entered really is.
|
