Which Passwords Should You Avoid to Keep Data Secure?

In 1966, the first ever password hack was executed. Graduate student Allan Scherr was trying to find a way to spend longer on the time-restricted MIT Compatible Time Sharing System. He discovered he could access every user password by giving the computer a simple command – this allowed him and others to gain additional time on the system and do more of their work. Fast forward to 2024, and many new data breaches have been reported, with millions of passwords being leaked in a matter of seconds.

As recently as the summer of 2024, over 10 billion passwords were exposed in the RockYou2024 breach. Passwords from a previous breach were included, as well as a whole host of others from various platforms and accounts. Businesses and individuals were affected, with those choosing the same password on multiple accounts being hit hardest.

With such password exposure increasing the risk of criminal activity on seemingly innocent accounts, plus access being granted to confidential information, it is more important than ever to follow safe password protocols.

In this edition of our blog, we look at the passwords you should avoid and share some useful tips to help keep your data safe.

What should you do if you have been hacked or had your password stolen?

Before we look at the passwords you should avoid, we will cover the fundamentals of password safety – these are the best starting points if you feel that your digital footprint has been compromised.

Change your password

First of all, change your password. Even if you think your account is safe, it would be best to update it. Avoid passwords like the name of your pet, your favourite sports team or your child’s nickname, especially if these things can be easily found within your online presence. When changing passwords, prioritise accounts like banking, email and social media first.

Use unique passwords

Choose passwords that combine numbers, letters and special characters, and ensure they aren’t used on multiple accounts. Having the same password for your online banking and email could cause significant problems in the event of a data breach or hack.  

Use 2-factor authentication

Acting like an additional wall of security, 2FA means that even if a password is discovered, the hacker may still not be able to gain access to the information they are seeking.

Check your accounts

Look through accounts for which you think the password could have been shared, and check carefully for anything out of the ordinary. This could range from transactions on your bank account to unusual activity on social media.

The types of passwords you should avoid to prevent your data from being compromised

It might sound like common sense to avoid passwords like “password” or “1234”, but many believe that they are unlikely to be victims of a hack, and are therefore not especially thorough when it comes to creating a password. The OWASP SecLists Project shows us that 123456, password, 12345678, qwerty and 123456789 are the top five most common passwords in a list of 10,000.

As a result, these are passwords you should almost definitely avoid, as are the remaining 95 in the top 100.

In addition, you should be looking to make sure that none of your passwords include:

  • Birthdays
  • Your first name or surname
  • Pet names
  • Names of family members
  • Favourite sports teams/favourite celebrities

If you feel that passwords in the above categories would be the easiest to remember, it is essential to replace some of the letters with random numbers or symbols. This would make it considerably harder for a hacker to find your password. For example, if you’re an Arsenal fan and wish to choose “TheGunners” as a password, you could instead opt for “Th3Gunn3r5”, substituting the e’s and the s with numbers.

You should also look to avoid previously used passwords or those that are similar to ones used in the past. Using the example above, changing your password from “TheGunners” to “TheGunners01” is not likely to pose a challenge to a hacker.

The ten most common passwords currently in use

We would like to think nobody uses the passwords we are about to list below, but if you use any of these ten, you run a greater risk of having valuable data stolen. Change them straight away, using the advice in this guide:

  1. 123456
  2. Password
  3. 12345678
  4. Qwerty
  5. 123456789
  6. 12345
  7. 1234
  8. 111111
  9. 1234567
  10. Dragon

Other passwords that we found in the top 100 included:

  • Abc123
  • Letmein
  • Baseball
  • Football
  • monkey

Tips for secure passwords

Along with following the above guidance, you should also make sure your password is sufficiently complex that hackers would struggle to decipher it.

Also, consider length over complexity. Microsoft recommends choosing a password of 14 or more characters to help keep thieves at bay.
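
The checks described so far (the common-password list, personal details, variants of earlier passwords and the 14-character minimum) can be combined into one screening function. This is an added example, not code from the original article; the function name, its parameters and the sample inputs are assumptions made for illustration.

```python
import re

# Deny-list built from the passwords named in this article (the top ten plus
# the other top-100 entries it lists); a real check would load a longer list.
COMMON_PASSWORDS = {
    "123456", "password", "12345678", "qwerty", "123456789", "12345",
    "1234", "111111", "1234567", "dragon", "abc123", "letmein",
    "baseball", "football", "monkey",
}
MIN_LENGTH = 14  # the minimum length the article attributes to Microsoft


def _stem(password):
    """Lower-case and drop trailing digits/symbols, so that
    'TheGunners01' and 'TheGunners' compare equal."""
    return re.sub(r"[\W\d_]+$", "", password.lower())


def screen_password(candidate, personal_terms=(), previous_passwords=()):
    """Return the reasons to reject `candidate`; an empty list means it passes.

    personal_terms: names, pet names, teams, birthdays (hypothetical input)
    previous_passwords: earlier passwords, supplied by the user at check time
    """
    reasons = []
    lowered = candidate.lower()
    stem = _stem(candidate)

    if len(candidate) < MIN_LENGTH:
        reasons.append("too short")
    # Catches both 'dragon' and a common word padded out with digits/symbols.
    if lowered in COMMON_PASSWORDS or stem in COMMON_PASSWORDS:
        reasons.append("common password")
    # Personal details anywhere in the password; terms under three
    # characters are skipped to avoid accidental matches.
    if any(len(t) >= 3 and t.lower() in lowered for t in personal_terms):
        reasons.append("contains personal detail")
    # Same stem as an earlier password: only the suffix was changed.
    if stem and any(_stem(p) == stem for p in previous_passwords):
        reasons.append("variant of previous password")
    return reasons
```
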

You should look to mix up the subject matter of your passwords, too. Using the example from above, if each password was a variant of something based around the theme of TheGunners, a hacker could quickly find the common theme through process of elimination.

Think about making your password something that is memorable to you but unlikely to mean anything to anyone else. For example, comedy shows like “Alan Partridge” have always been a source of slightly quirky quotes. A password of “LongstantonSpiceMuseum1997” isn’t likely to hold meaning for others, but for you, it could be a very memorable password option. Alternatively, you could simply use three random words. For example, dog, boat and sky could be used in the more secure form “D0gB0at5ky”.

You can also keep your passwords more secure by staying alert to fraud and using common sense. For instance, no bank or business will ever ask you to provide your password over the phone or via email. Many scammers replicate websites or phone numbers to mask their activities and motives. If you do receive an email or phone call that you think is a scam, ignore it, contact the legitimate business directly and ask if they have been trying to reach you. In 99% of cases, you’ll find that they haven’t.

In most cases, your valuable data will be stored on a phone, laptop or portable hard drive. Once online, these devices can provide thieves with multiple opportunities. In addition, if you are the victim of a break-in, for instance, password-protected devices could be stolen and hacked into.

One way to reduce these risks would be to choose an offsite storage facility like Stockroom London. Our business storage solutions allow you to keep your documents and devices safely stored, with no risk of them falling into the wrong hands. Our data storage allows you to move vast quantities of valuable information onto LTO tapes. This way, password-protected hard drives are not at risk from data breaches or theft.

If you require secure, long-term storage of valuable files and data, contact our team today and reduce the risk of data theft.
