I have received several e-mail messages purportedly from people on my e-mail contact list appealing for financial assistance as they were supposedly stranded in a foreign country. As they later turned out, the e-mail messages were fake. They were sent by somebody else instead of the friends I knew to own those e-mail accounts. How were the messages transmitted from the owner's account to make the message seem authentic on first appearance? Their passwords were hacked by people with malicious intentions. In computer security, a login or logon (also called logging in or on and signing in or on) is the process by which individual access to a computer system is controlled by identifying and authentifying the user referring to credentials presented by the user.
A technology firm, SplashData, that specialises in management application provider monitored people who steal other people's identities and has compiled a list of the weakest security combinations which are easy to break into. The study found that even though people are encouraged to select secure, strong passwords, many people continue to choose weak, easy-to-guess ones, placing themselves at risk from fraud and identity theft. According to SplashData the list is somewhat predictable: Sequences of adjacent numbers or letters on the keyboard, such as “qwerty” and “123456,” and popular names, such as “ashley” and “michael,” all are common choices. Other common choices are “monkey” and “shadow”. SplashData created the rankings based on millions of stolen passwords posted online by hackers. Here is the complete list:
A technology firm, SplashData, that specialises in management application provider monitored people who steal other people's identities and has compiled a list of the weakest security combinations which are easy to break into. The study found that even though people are encouraged to select secure, strong passwords, many people continue to choose weak, easy-to-guess ones, placing themselves at risk from fraud and identity theft. According to SplashData the list is somewhat predictable: Sequences of adjacent numbers or letters on the keyboard, such as “qwerty” and “123456,” and popular names, such as “ashley” and “michael,” all are common choices. Other common choices are “monkey” and “shadow”. SplashData created the rankings based on millions of stolen passwords posted online by hackers. Here is the complete list:
- 1. password
- 2. 123456
- 3.12345678
- 4. qwerty
- 5. abc123
- 6. monkey
- 7. 1234567
- 8. letmein
- 9. trustno1
- 10. dragon
- 11. baseball
- 12. 111111
- 13. iloveyou
- 14. master
- 15. sunshine
- 16. ashley
- 17. bailey
- 18. passw0rd
- 19. shadow
- 20. 123123
- 21. 654321
- 22. superman
- 23. qazwsx
- 24. michael
- 25. football
The study urges businesses and consumers using any password on the list to change them immediately. Hackers can easily break into many accounts just by repeatedly trying common passwords.
 |
| Password |
How to protect your passwords
It is almost impossible to understate the importance of having and using strong, secure online passwords. Fortunately, there are tools and precautions e-mail account holders can take that will help simplify the process of keeping passwords safe and protected. One of such tools SplashData suggests is to use unique generated passwords for different accounts. Look out technologies that give tips on current trends on password management. If your PC does not have a password to log in, never allow your browser to keep records of your e-mail accounts passwords when it request the remember password prompt.
Use HTTPS Logins
Beyond just using unique, secure passwords and password management tools, it is also important that businesses use secure logins, especially when accessing web services from outside of a corporate network.Turning on HTTPS as a default login option in the web services that support it is a good idea for all users, but it makes even better sense in a corporate context.
In the last few months, a growing number of websites, including social networks Twitter, Facebook, Gmail, Foursquare and Hootsuite have started to implement HTTPS as a login option. Using HTTPS, logins are encrypted over the network. This means that even if the network itself is open, the password and username to your account isn’t visible to those sniffing the network.
Tools for Keeping Track of Your Passwords
The SplashData provided some tips for choosing secure passwords in a statement:
- 1. Vary different types of characters in your passwords; include numbers, letters and special characters when possible.
- 2. Choose passwords of eight characters or more. Separate short words with spaces or underscores.
- 3. Don’t use the same password and username combination for multiple websites.
- Use an online password manager to keep track of your different accounts.
As some websites have begun to require passwords to include both numbers and letters, it makes sense varied choices. It is imperative to adhere to this precaution by avoiding the use of such passwords as “abc123″ and “trustno1” which seem to be popular choices. Are these lists helpful? Do you need to rethink any of your password choices? Act now because password is not just another word, it is your identity and your passport to the cyberspace. Remember that the cyberspace is a borderless environment where faceless people take refuge in the belief that anything is possible including changing man into a woman.
