Are you using one of those passwords that are described as weak here? http://www.pcworld.com/article/187354/Study_Hacking_Passwords_Easy_As_123456.html
Below is a list of the 500 worst passwords, identified by security consultant Mark Burnett, that a lot of people are using. (Perfect Passwords: Selection, Protection, Authentication by Mark Burnett and Dave Kleiman)
These passwords are well-known to hackers. When they launch an attack to crack a password, the first thing they will do is to check it against their database containing commonly used passwords such as these.
Why are these passwords weak? The reasons are, they consist of:
Many people use these easy-to-crack passwords because they have difficulty remembering passwords that are long and complex. It becomes a real problem if they try to use different passwords for different websites or portals. They end up either using the same password for different systems or writing the passwords down somewhere, which also puts them at risk of compromise if the list falls into the wrong hands.
Personal Identification Number (PIN)
PINs are another bugbear we have to live with in this world of technology and computers. At the least, we need them at the ATM to draw money. Or, if you do not like to carry money, then at the shops to make payments through direct deduction from your account with a bank. Again, lots of people are found to use easy-to-guess numbers. Nick Berry, a data scientist at Facebook, made an analysis of the most and the least common numbers used as PINs. (http://www.datagenetics.com/blog/september32012/)
On the left is a table showing the top 20 most popular numbers for 4-digit PINs. He found that the most popular number is 1234. In the pool of 3.4 million 4-character passwords he gathered for his study, almost 11% of them are 1234. This means with just one guess with this number, there is a 10% chance of making a hit.
The top 20 most popular PINs add up to 26.83%. Like passwords, we can see that these PINs are actually the worst ones one can use. They are digits in sequence or in patterns like aaaa and abab. Just imagine, with these 20 passwords, it is possible for hackers to gain access to more than 25% of online accounts.
Nick also found that a popularly used method to generate PINs is to follow a convenient sequence of keys on the keypads like the number 2580 shown on the right.
Other variants are:
for numbers 2046, 1397 and 2486. (Graphics are from: http://www.sleuthsayers.org/2013/08/pins-and-passwords-part-1.html)
PINs can range from 4 to 10 digits. Similar weaknesses are found in PINs of more digits as the table below shows.
In fact, PINs requiring more digits pose even more of a problem for people. For 9-digit PINs, 35% of people use 123456789. They probably find a random number of 9 digits difficult to remember.
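A PIN-setting screen can reject the patterns described above before they are accepted. The following is an added example, not code from the studies cited: the function name, the keypad coordinates and the reason labels are assumptions, and the three "shape" PINs are the ones named in this post.

```python
# Added example: flags the PIN patterns described above. Names are hypothetical.
KEYPAD = {"1": (0, 0), "2": (1, 0), "3": (2, 0),
          "4": (0, 1), "5": (1, 1), "6": (2, 1),
          "7": (0, 2), "8": (1, 2), "9": (2, 2),
          "0": (1, 3)}
# Keypad shapes named in the article (not straight lines on the keypad).
ARTICLE_SHAPES = {"2046", "1397", "2486"}


def weak_pin_reasons(pin):
    """Return the list of guessable patterns found in a PIN (empty if none)."""
    if not (pin.isascii() and pin.isdigit() and 4 <= len(pin) <= 10):
        raise ValueError("PIN must be 4 to 10 digits")
    reasons = []
    n = len(pin)

    # aaaa / abab: the PIN is one short block repeated.
    for k in range(1, n // 2 + 1):
        if n % k == 0 and pin[:k] * (n // k) == pin:
            reasons.append("repeated digit" if k == 1 else "repeated block")
            break

    # 1234 / 4321 / 123456789: every digit is one above (or below) the last.
    steps = {(int(b) - int(a)) % 10 for a, b in zip(pin, pin[1:])}
    if steps == {1}:
        reasons.append("ascending sequence")
    elif steps == {9}:
        reasons.append("descending sequence")

    # 2580: keys lie on a straight keypad line (same move every time).
    moves = {(KEYPAD[b][0] - KEYPAD[a][0], KEYPAD[b][1] - KEYPAD[a][1])
             for a, b in zip(pin, pin[1:])}
    if len(moves) == 1 and moves != {(0, 0)}:
        reasons.append("keypad line")
    elif pin in ARTICLE_SHAPES:
        reasons.append("keypad shape")
    return reasons
```

An empty result only means none of these patterns matched; dates, years and other popular choices would need a separate list of common PINs.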
So we can see that memory is the root of the problem. Strong and secure passwords and PINs are not easy to remember, especially when they are not used frequently. Try to remember this:
dabtflTS5/~UN
Difficult? Well, you will not find it so if you know how to construct it. I’ll show you how in the posting “Creating strong and secure Passwords”.