The password minefield

How much thought do you give to setting up your passwords?

You’ll find yourself often being asked to change your password, using a combination of letters, numbers, symbols, a certain length of characters and one that hasn’t been used before, it’s hard to come up with secure passwords regularly, but it’s important.

No matter how many times people are warned about the dangers of using unsecure or predictable passwords, it still happens.

The most popular combinations are still ‘123456’, the second being ‘123456789’. Easily guessed numbers made up eight of the top ten most commonly used configurations in 2016, including ‘111111’, ‘222222’, ‘333333’ etc. Using the word ‘password’ was at position 8.

Using combinations such as ‘18atcskd2w’ or ‘3rjs1la7qe’ seem secure right? Wrong, these more complex passwords are used repeatedly by bots when they set up dummy email accounts for spam and phishing attacks and passwords that are made up of 6 or less characters are susceptible of attack, as they can take just seconds to unscramble. It’s a minefield!

How to come up with a new secure password

1. What about using a password manager or password generator app to produce a password for you? You could go down this route, it’s definitely more secure than using those mentioned above. Trouble is that algorithms are used in most cases to generate these code, algorithms that are no doubt also used by clever scammers.
2. Random word selection… Pick 3 completely unrelated words, book/tyre/kettle for example – look around you and outside for inspiration. Replace some of the letters with symbols and numbers. Due to the random nature of selection, this will make the password tougher to crack.
3. Close your eyes and tap… An alternative is to randomly tap keys across the keyboard without looking, use both hands and move around the keyboard. Downside, using this method may make it harder for you to remember, but will be totally randomly selected and harder to crack. Just as good as a password generator.

So how often should you change your password?

It depends on the level of risk. If you have access to customer, sensitive, monetary, secure or business critical data that would be devastating in the wrong hands, then you should change your password monthly. If it’s Facebook or another social media platform, the risk may not be deemed as great. The choice on this is up to you as you won’t be prompted to change.

The no no’s

Below is a list of the top 25 researched predictable passwords of 2016. If yours is on this list, change it now!

1. 123456
2. 1233456789
3. Qwerty
4. 12345678
5. 111111
6. 12334567890
7. 1234567
8. Password
9. 123123
10. 987654321
11. Qwertyuiop
12. Mynoob
13. 123321
14. 666666
15. 18atcskd2w
16. 7777777
17. 1q2w3e4r
18. 654321
19. 555555
20. 3rjs1la7qe
21. Google
22. 1q2w3e4r5t
23. 123qwe
24. Zxcvbnm
25. 1q2w3e

Strengthen Your Business Security—Starting with Your Passwords

Cyber threats are constantly evolving, and one of the easiest ways for fraudsters to access your systems is through weak or compromised passwords. Poor password management can leave your business vulnerable to online fraud, data breaches, and costly downtime. That’s why it’s essential to take a proactive approach to IT security.

At Smart Computers, we help businesses protect themselves with our FREE Smart IT and Security Audit. Our expert team will assess your current IT infrastructure, focusing on critical areas like password security, data protection, and system vulnerabilities. We’ll identify risks, recommend best practices—such as multi-factor authentication and secure password policies—and provide clear, actionable insights to strengthen your defenses.

Don’t let weak passwords be the weak link in your security. Contact us today to book your free IT and Security Audit and take the first step toward a safer, more secure business.