The worst passwords (which everyone chooses) and the best ones (which you should use)
Years go by, but the most common passwords remain essentially the same and are primarily due to the laziness of trying to create a sequence of upper or lower case letters, numbers and symbols that are complex and not traceable to personal information. Underestimating the importance of solid protection exposes you to serious dangers that jeopardize your data from files saved in the cloud to e-banking services. What are the other most common passwords that open the door to malicious access? How to create a strong password that is really strong and durable?
The most common passwords Here are the ten most common passwords in Italy in 2021, according to data collected by NordPass. The first four positions are simple sequences in numerical order that satisfy the minimum required length. There is therefore the timeless "qwerty" which are the first letters on the keyboard at the top left, therefore one of the most popular football teams in Italy or "juventus", a nice sextet of zeros, the disturbing password = "password ”, The proper name" andrea "and" napoli ". These passwords can be cracked in less than 0.1 seconds thanks to unsophisticated - indeed, brute-force - methods that enter the most used keywords until they match the desired one.
123456 123456789 12345 12345678 qwerty juventus 000000 password andrea napoli It is wrong to think that these fragile passwords are used only by individuals, because even at a professional level there are still too many users who do not pay the right attention. As told by another NordPass report, for example, even among managers of managerial level such as entrepreneurs, CEOs or financial directors the infamous "123456" is the most chosen, followed by other very simple sequences or by words such as personal names (Tiffany, Charlie, Michael or Jordan), but also animals (monkey) or mythological creatures (dragon). Still from the same source, it is interesting to go into the analysis of company password leaks in the famous Fortune 500 list: 20% use keywords that are the same name of the company (or minimal variations) or simply the good old "password" .
Less secure password creation methods As anticipated in the previous selection, not only should we avoid choosing too simple common alphanumeric sequences, but we must also consider that possible cybercriminals could derive passwords based specifically on information personal data that can be easily found on social networks or online information. For this reason, here are ten password creation methods that should not be pursued, because a simple online search on Facebook, Instagram or Twitter is enough to fall victim to unwanted logins:
password same as username; to the name of daughter or son; to the name of the partner; the name of the dog or other pet; to your name; on the date of birth or that of the children; your tax code; your favorite sports team or celebrity; the name of the site or service to be accessed; to one of the above, but with weak variants like 123 at the end. Excluding the most common and fragile passwords and methods not to follow, how do you go about choosing the right keyword?
Tips on how to create a secure password The security company Check Point Software Technologies suggests five practical tips to follow to create your own set of secure and reliable passwords:
use a varied combination of characters between letters, numbers and symbols; do not limit yourself to the minimum length, but prefer complex and long words; do not use the same password for all accesses, but a different one for each service; change passwords regularly; always use two-factor authentication. Regarding the first and second point, you must always start from the assumption either you choose a password manager software that creates and safely stores the keywords (here are the best ones) or if you prefer to rely on your own memory, the advice is to leave gives some grip of reality that does not fall within the methods above and make it less decipherable with numbers, symbols and graphic symbols. It is worth noting, however, how many cybercriminals today use systems to force passwords that already consider for example the "3" instead of the "e" or the "0" instead of the "o", so it is not enough to simply transform the password " ciaone "in" C1a0n3 "because it may not be enough.
The third and fourth points may seem self-evident concepts, which are still ignored today, while the services themselves are giving a big hand on the fifth and last one. such as applications, social networks, cryptocurrency wallets and e-banking portals that now force users to log in by combining a fixed password with a single-use code that is generated and sent to the smartphone.
