Lock the Doors to Your IT System with Strong Passwords

Using a strong password is one of the simplest security measures people can take to protect themselves online. Despite how easy it is to make a strong password, using predictable passwords remains all too common.

When you use a predictable password, you in effect open the door of your business to data thieves and criminals who want your money or want to use your computers for scamming and spamming.

The Top 25 Passwords

Here are the 25 most common passwords according to SplashData’s annual list of the most common passwords found on the Internet in 2015. If you see your password in this list, change it now! See our tips for strong passwords below.

1. 1123456
2. password
3. 12345678
4. qwerty
5. 12345
6. 123456789
7. football
8. 1234
9. 1234567
10. baseball
11. welcome
12. 1234567890
13. abc123
14. 111111
15. 1qaz2wsx
16. dragon
17. master
18. monkey
19. letmein
20. login
21. princess
22. qwertyuiop
23. solo
24. passw0rd
25. starwars

For the past 3 years, “123456” and “password” have been #1 and #2 on the list. In the 2016 presidential political campaign, one candidate’s campaign manager had his Google email account hacked and his password was “password!”

Qualities of a Strong Password

If your password looks something like “j8X3lz@62$q,” you probably already know what you’re doing. On the other hand, if your password even remotely resembles any of the passwords from the list above, keep reading.

Strong passwords are not easy to guess and they shouldn’t be relatable to you in any way. Here are some general tips for creating strong passwords.

Never use a favorite sport. It’s common, it’s easy to guess and it’s easy to identify with you. This goes for movies, books, or any other familiar words and phrases.

Never use birthdates or phone numbers. People like to use a string of numbers for a password, thinking that those numbers look arbitrary to someone who doesn’t know what they mean. The problem is that it isn’t very challenging to figure out the meaning of these numbers. Never include numbers that have any relevance to your identity or contact information in any password you use.

Don’t use names in your password. Names are easy to guess. Even if you aren’t using the names of your kids or spouse, you still aren’t giving potential intruders much of a challenge. Anything that can be guessed as easily as a name, will be guessed eventually.

Longer passwords are safer. The more characters a password has, the harder it is to guess or decode. We recommend you use a password of at least 8 characters or more.

Use a variety of character types. Every password should include, at minimum, a lower case letter, an upper case letter, and a number. Whenever possible, you should include a special character (#@!) as well.

Don’t use the same login/password combination on different websites. Yes it’s convenient to use the same username and password for everything, but it also significantly decreases the security of your personal information. At a minimum you should create unique passwords for your bank account and credit card account. If you simply refuse to create a unique password for each site, consider creating several passwords to use—one for social media, one for work-related services, one for banking, and one for personal interests.