The Prevalence of Terrible Passwords

  • 1 August 2013
  • 6 replies
  • 18 views

Userlevel 7
  • Retired Webrooter
  • 1581 replies
From the "Are you kidding me?" department, here is a news story that explains how prevalent bad passwords are among the average Brit.
 


"What do you mean I'm your internet security?" 
Key findings from a Google survey:
Out of 2,000 adults surveyed...
  • Half choose to write down the password.
  • One in ten have correctly guessed the password of a co-worker.
  • A third use their partner's name.
  • Of those, a fifth of them keep using it after they are no longer with the partner.
  • About half have shared their password with others.
  • One in six respondents use their pet's name as their password.
 
Oh Fluffy, you're a cute cat, but you make for a terrible password.
 
With password managers being as commonplace as they are, one might think the average user wouldn't choose to make such bad decisions when it comes to something as important as a password.  Unfortunately, that doesn't seem to be the case.  For more security-conscious individuals, there's Webroot SecureAnywhere Complete which has both a password manager and a password generator.  In combination, you'll never need to manually enter another password to a web site ever again, and the password you'll be using will be the best password possible.  Or you can keep using "spot," - your call.  🙂

6 replies

Userlevel 7
Badge +56
Well I do use one of my Dogs name for my Network but not passwords.


 
Daniel
Userlevel 5
I generally assemble my passwords for the source I'm using it for. I have a baseline password which is totally random collection of numbers, letters and other characters and I combine that with the source of where I need it for to get a totally unique password for that particular situation. Generally it's obvious enough what key I used for the source for me to reassemble the password and to input it. Even after a year of not using a password, I can easily reassemble a seemingly random set of numbers, letters and other characters. Don't even need a password manager (which doesn't work when you're working on computers of other people anyway).
 
Some specific sources (like WSA's console) have different randomized passwords. I found that I can easily remember such complex passwords when I type them in a lot of times.
 
In regards to setting up password complexity, I've found that this doesn't work for all users. Some will complain that it's too complex for them to remember especially if they have to create the password themselves (or change it) and even then a lot of them will write it down defeating the purpose of having the password.
Userlevel 2
It probably helps that my Cat's name is Hun6ryB3@st  not only do i have a secure password, but also a confused Vet!!
Userlevel 7
Badge +13
As often as i have shown my wife how to create better passwords,and how to use the password generator,she still insists on using the same passwords for pretty much everything.She,like a great many others, will only learn once she's been victimized.
Userlevel 7
Creating, and to a much greater degree remembering, a good secure password can actually be very challenging. At least it can be for me.

I don't have to worry too much though, I use Webroot's Password Manager! Thanks!
Userlevel 1
Passwords are one of the biggest annoyances of users - and yet they are a vital part of our online life.
 
Some time ago we covered the subject of creating multiple easy to remember, but complex, passwords in a newsletter, (see http://goo.gl/occvS). This said,
 
"A complex password is built up with CAPITAL letters, lower-case letters, numb3rs and pun&tuat!on marks, such as P4ssw0rD!  But, how would you ever remember several such passwords?

Here's a simple solution. Decide on a random word which will form the basis of all of your passwords. But that word shouldn't be a real word or name which is associated with you in any way, or able to be guessed. So, let's put that into practice.

At school I really liked a girl called Carol, (although I never dared tell her so!) So the basis of my randomly generated passwords shall be "arol".

I'll now add both punctuation and a number  - arol9!

To make it unique, to each and every web site that I use, I shall add the first 2 letters of the name of the company operating that web site to the front of my new password in Capital Letters.

So, if I am dealing with Amazon, I would create the unique password of AMarol9!
Ebay is given EBarol9!
Marks and Spencer gets MAarol9!
The IT Dept = THarol9!

I have quickly and simply created an infinite number of exceptionally strong passwords which are extremely memorable."

Reply