SplashData has released their list of Worst Passwords for 2013 and in a stunning upset, “123456” has beaten “password” and is now #1. Really?
Even sillier, people sometimes use the application as a base for the password. Here’s a Pro Tip. If you are accessing Photoshop online, your password should not be “photoshop” or “abode123”, it just shouldn’t.
SplashData’s top 25 list was compiled from files containing millions of stolen passwords posted online during the previous year. The company advises consumers or businesses using any of the passwords on the list to change them immediately.
Having trouble remembering all those different strong passwords? Try using a password manager application that organizes and protects passwords and can automatically log you into websites.
I use LastPass. If you aren’t using a password manager, you might want to. Then you only need remember one password. LastPass does not store passwords on their website, it encrypts them locally using the LastPass password. They do not know what the password is. The only caveat is is if you forget your LastPass password you are out of luck.
While a lot of attention is given to high profile account breaches, the truth is many passwords are next to useless because of their simplicity.
Another problem is sysadmins forgetting to change default passwords, which is akin to leaving the door to the vaults unlocked.