Passwords Are (Almost) Universally Garbage
The data is in, and it looks like we should all be thoroughly ashamed of ourselves. Recently, password manager NordPass released a list of 2020's most popular passwords, and even with a global pandemic forcing the majority of our work, social lives, and hell, even human interactions to occur online, it seems most of us could not be bothered to adopt less-than-terrible passwords. Coming in at the top spot? "123456," a password that is both used by 2,543,285 people online and takes less than one second to crack, according to the site. The runner up? The incredibly-creative variation of its predecessor, "123456789" followed by "Picture1," and of course, the quintessential bad password, "password" itself. The rest of the top 25 are not too great either:
1111111 and 000000? Who do we think we are, Kanye West circa his 2018 breakdown? Iloveyou? Try I loathe you, bad password. Omgpop? More like OMG, stop. Come on, people, we're better than this.
Now, I know what some of you are thinking -- "'123456'? 'password?' Carly, I know how basic internet password protection works. There's no way MY password could be as bad as ANY of those. Well, Hackerman, I have some bad news. Pop culture terms like "naruto" and "Pokemon" also made the list.
"Last year, the password 'onedirection' came 184th on the list. This year, it didn't make it at all," NordPass spokesperson, Patricia Cerniauskaite, explained to Motherboard. "This could be because the group has lost its popularity, as they are pursuing solo careers, or it could also be that their fans are becoming more cyber-conscious. However, 'pokemon' has become a much more popular password, as well as 'blink182' -- we could speculate that their popularity is rising."
Sorry, Harry Styles! However, it might be best to steer clear of these types of passwords altogether, according to Morgan Slain, CEO of SplashData. "Additionally, Slain points out that attackers are quick to use common pop culture terms to break into accounts online, in case you thought you were the only Star Wars fan," Vice's tech vertical reported back in 2017.
So how exactly can one effectively secure their accounts, according to NordPass? Avoid using adjacent keyboard combinations, repeating characters, and anything relating to personal information, like names and birthdays. Use different passwords for different accounts and make them as long as possible -- 12 characters minimum, if possible, and swap them every 90 days. Vice also suggests using multi-factor authentication and a healthy mix of caps and unique characters.
In short, your current password is probably bad, and you should feel bad. Now change your logins to something even Mr. Robot himself would struggle to crack. You can do this.