Twitter recently experienced a major hack where it saw 33 million user login credentials stolen. What may be more alarming than the hack itself is what the stash of stolen credentials reveals about users’ password security habits. Or, to put it more accurately, the lack thereof.
Security company LeakedSource was able to obtain and analyze the stolen passwords from an online black market. They found that the most commonly used password (connected to more than 120,000 accounts) is also the easiest to guess: “123456.”
This is despite (or perhaps because of) the famous password scene from the 1987 film “Spaceballs.” If you recall, the joke involved King Roland being blackmailed by Dark Helmet into turning over the password securing Druidia’s planetary force field. The super-secret password in question: “12345.”
The revelation of the password being so ridiculously simple caused Dark Helmet to reply, “That’s the stupidest combination I’ve ever heard in my life! That’s the kind of thing an idiot would have on his luggage!”
Not surprisingly, the other most-used passwords from the Twitter haul are just as easy to guess: “123456789,” “qwerty,” and “password.”
We make the connection to Spaceballs in order to highlight the fact that using weak passwords has been a major IT security issue for at least 30 years, with little hope of things changing. Fortunately, the remedy is quite simple: use complex passwords made up of a string of random characters. Taking this measure alone will vastly improve your security compared to all the other King Rolands to be found in cyberspace.
However, using complex passwords will only get you so far. For example, as in the case of the recent Twitter heist, if your password is stolen, then it doesn’t matter how complex it is. This is why we highly recommend that you take advantage of two-factor authentication security solutions. Twitter and other major websites offer two-factor authentication, which sends an additional code to your mobile device after you enter the correct password. It’s a small inconvenience that will virtually guarantee that you’ll be protected, should your password fall into the wrong hands.
Additionally, we recommend following the best practice of using a different password for each of your online accounts. For example, if your Twitter password gets stolen and this happens to be the same password used for your other online accounts, then the hacker would have an easy time logging into your other accounts.
Actually, this happens more than you would think, with Facebook’s Mark Zuckerberg becoming the recent poster child. On June 6th, Zuckerberg briefly lost control of his Twitter and Pinterest accounts after hackers used the same password to access both. The password in question was not only ridiculously easy to guess, but it was also one that he’s apparently used before: “dadada.”
Therefore, if you’re using complex passwords, two-factor authentication, a different password for each account, and you’re routinely changing your passwords, you’ll apparently have better online security than Mark Zuckerberg, which is something to brag about.
Following all of these password security best practices will go a long way in protecting your online identity, and when it comes to network security, the more precautions you take, the better. To that end, call SemTech IT Solutions today at 407-830-1434 to equip your business with the best security solutions on the market.