Friday, May 29, 2015

“We’re all doomed.” -Gizmodo

The list of 2014’s most popular passwords -- go ahead and replace “most popular passwords” with “worst passwords on the planet” -- is pretty alarming. Gizmodo really said it best, but we feel like we should take this opportunity almost midway through 2015 to remind everyone that passwords are important. More important than remembering your mom’s birthday.

No, you are definitely not the only one who thought “letmein” was going to cut it.
Let’s start with the list in all its glory. Here it is from SplashData -- the most popular passwords from 2014:
  1. 123456
  2. password
  3. 12345
  4. 12345678
  5. qwerty
  6. 123456789
  7. 1234
  8. baseball
  9. dragon
  10. football
  11. 1234567
  12. monkey
  13. letmein
  14. abc123
  15. 111111
  16. mustang
  17. access
  18. shadow
  19. master
  20. michael
  21. superman
  22. 696969
  23. 123123
  24. batman
  25. trustno1
Feeling a little less creative about your current password? Shocked that “michael” (#20) really must be the most popular name on the planet? Or maybe you are feeling oddly secure after reading the list because you have been using your cat’s name combined with your birthday? Sorry, that isn’t any better.

It’s time to get your life together.
Listen to this newsbit from CNN Money, published one year ago: Hackers have exposed the personal information of 110 million Americans -- roughly half of the nation's adults -- in the last 12 months alone. Yikes.

So get your passwords up to speed. Create and use strong passwords or pass-phrases that contain a mixture of upper and lower case letters, at least one number, and at least one symbol/special character. And please, PLEASE don't use the same password/pass-phrase for all of your accounts and logins. We are begging you.

Other ways to secure your stuff:
  • Use two-factor authentication (Gmail user? Learn how to turn it on right now)
  • Use -- and regularly update -- anti-virus, anti-malware, and anti-spyware software
  • Never provide personal or financial information in response to an email, even if it appears legitimate
  • Do not click on links or download attachments in email messages you receive from people you do not know or content that seems suspicious
  • Use unique passwords for all accounts. Your personal email password should not be the key to unlocking your bank account!
  • Let’s do that last bullet one more time: Use unique passwords for ALL of your accounts.
Want more? Check out our Office of Information Security online for additional tips and how-tos.

Debbi Blyth: Chief Information Security Officer. Colorado native (almost!), beach lover, deep sea diver, Sunday school teacher. I'm the queen of keeping Colorado safe online. Find me on Twitter at @debbiblyth.
