You’d think by now that everyone knows that “password” and “111111” don’t make for a secure password. Well, if they do, it seems they don’t care.
The list of the 25 most common (and worst) passwords of 2013 has been compiled by the folks at SplashData. And many of the usual suspects made the list – again.
If they’re this popular, you can almost bet that some of your finance staffers are using them to gain access to your company’s systems.
Take a gander at the new list, then read on for strategies to make sure finance information is being better safeguarded.
Any of these sound familiar?
While 2012’s worst password, “password,” did fall to the No. 2 spot, it was replaced by a just-as-obvious substitute. Here are this year’s 25 worst:
- 123456
- password
- 12345678
- qwerty
- abc123
- 123456789
- 111111
- 1234567
- iloveyou
- adobe123
- 123123
- admin
- 1234567890
- letmein
- photoshop
- 1234
- monkey
- shadow
- sunshine
- 12345
- password1
- princess
- azerty
- trustno1
- 000000
Better protecting your data
This list certainly serves as a lesson in what not to do when creating a password. And while some seem like no-brainers, you also want to remind staffers not to use the name of the program they’re working in. Odds are good someone on staff is using “excel” to get into spreadsheet-dependent work.
So what should your staffers be doing instead? Consider these three strategies from SplashData:
- Use passphrases instead of a password. It used to be that substituting characters for letters in words was the ticket. No longer. More sophisticated hacking programs are now able to crack those quickly. A passphrase consists of short words with either spaces or other characters in between them. SplashData now encourages folks to use random words rather than common phrases. For example, “sun*palmtree*vacation” or “red cars speeding!”
- Don’t use the same username/password combination for multiple websites. This is a tough habit to break staffers of, because these days there are so many things that require passwords. But it’s worth the reminder. You’ll want to tell your staffers they’re really tempting the fates if they use the same password for entertainment sites that they do for their email, social networking or financial services sites. And every time they sign up for something new or gain access to a new program it’s a clean slate: They should create a unique password (or, even better: passphrase).
- Help them remember all those passwords. Who could possibly remember that many unique passphrases (and which one is used for which site)? Try using a password manager application to both organize and protect passwords. Some can even automatically log you into websites (if that’s something you want). Finance staffers may be willing to follow these password best practices if you offer this type of tool. Just be sure you vet this through IT so you’re getting a reliable app.
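
The list of worst passwords, the program-name caveat and the point that character substitutions no longer help can be combined into one screening check that IT could run when a password is set. This is an added example, not code from SplashData or the original article; the substitution map, the trailing-character rule and the function names are assumptions made for illustration, and passing the screen only means the password is not one of these known-bad choices.

```python
# The 25 passwords listed in the article.
WORST_2013 = {
    "123456", "password", "12345678", "qwerty", "abc123", "123456789",
    "111111", "1234567", "iloveyou", "adobe123", "123123", "admin",
    "1234567890", "letmein", "photoshop", "1234", "monkey", "shadow",
    "sunshine", "12345", "password1", "princess", "azerty", "trustno1",
    "000000",
}

# Assumed substitution map (constructed for this example); the rule sets
# used by guessing tools cover far more than this.
UNLEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
                        "0": "o", "$": "s", "5": "s", "7": "t"})
TRAILING = "0123456789!?.*#"  # decoration people append, e.g. "2013!"


def variants(candidate):
    """Simplified forms of the candidate that a guessing tool also covers."""
    base = candidate.strip().lower()
    forms = set()
    # Check the password as typed and with trailing decoration removed,
    # each both literally and with character substitutions undone.
    for form in (base, base.rstrip(TRAILING)):
        forms.add(form)
        forms.add(form.translate(UNLEET))
    forms.discard("")
    return forms


def screen(candidate, app_names=()):
    """Return the reasons to reject a password; an empty list means no hit."""
    reasons = []
    forms = variants(candidate)
    if forms & WORST_2013:
        reasons.append("matches a listed common password")
    if forms & {name.lower() for name in app_names}:
        reasons.append("is the name of the program it protects")
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw in ["P@ssw0rd", "Monkey2013!", "Exc3l", "sun*palmtree*vacation"]:
        print(pw, "->", screen(pw, app_names=["Excel"]) or "no match")
```
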