Better rethink your password strategy if you’re like most people. Do you use the same password for all your websites? Do you use one of these top 20 passwords of all time:
- 123456
- 12345
- 123456789
- Password
- iloveyou
- princess
- rockyou
- 1234567
- 12345678
- abc123
- Nicole
- Daniel
- babygirl
- monkey
- Jessica
- Lovely
- michael
- Ashley
- 654321
- Qwerty
Using a common password opens you up to a “Rainbow List” attack. A rainbow list is nothing more than a brute-force method that tries thousands of common passwords to break yours. 82% of passwords are found on rainbow lists. Don’t be common or predictable. Use a combination of character types: upper case letters, lower case letters, numbers and special characters.
Analysis of stolen password files (e.g. the ones recently posted from Sony or Gawker) shows some interesting trends. 93% of all passwords are between 6 and 10 characters long. Only 4% of passwords use three or more character types and only 1% use special characters.
If you use the same password for all of your sites, you risk one site being compromised and your password being used on your bank account, for instance. Only about 8% of passwords found across stolen sites were unique, so 92% of people used the same password repeatedly.
Your best bet is to use a password manager, and not the one in your browser, which is not secure. Services such as KeePass, LastPass and 1Password can help generate strong, random passwords and then manage their use. Some are free and some have interfaces with smartphones.
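To check your own passwords against the three problems described above (common passwords, too few character types, reuse across sites), here is a small audit script. It is an added example, not part of the original post; the site names and passwords are constructed, and the three-character-type threshold is an assumption taken from the statistic quoted above.

```python
import string
from collections import Counter

# The 20 common passwords listed above, lowercased for case-insensitive matching.
COMMON = set(
    "123456 12345 123456789 password iloveyou princess rockyou 1234567 "
    "12345678 abc123 nicole daniel babygirl monkey jessica lovely michael "
    "ashley 654321 qwerty".split()
)
CHAR_TYPES = (string.ascii_uppercase, string.ascii_lowercase,
              string.digits, string.punctuation)


def char_types(password):
    """Count how many of the four character types the password uses."""
    return sum(any(c in group for c in password) for group in CHAR_TYPES)


def audit(vault):
    """Return {site: [problems]} for a {site: password} mapping."""
    uses = Counter(vault.values())  # how many sites share each password
    report = {}
    for site, password in vault.items():
        problems = []
        if password.lower() in COMMON:
            problems.append("common password")
        if char_types(password) < 3:  # assumed threshold, see lead-in
            problems.append("fewer than three character types")
        if uses[password] > 1:
            problems.append("reused on another site")
        report[site] = problems
    return report


# Constructed sample data: site names and passwords are made up.
SAMPLE_VAULT = {
    "bank.example": "Monkey",
    "mail.example": "Monkey",
    "forum.example": "summer2011",
    "shop.example": "t7#Qv!92LmzR",
}

if __name__ == "__main__":
    for site, problems in audit(SAMPLE_VAULT).items():
        print(site, "->", ", ".join(problems) or "ok")
```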