Passwords are used to verify a user only provide a very basic level of protection. It is a weak mechanism. Users who do not master the secrets of informatics do not always choose the best passwords.
A survey made by the National Cyber Security Center (NCCS) of UK examined the passwords of hacked accounts all over the world. This survey revealed that the hacked accounts had passwords containing names, teams, and insults, being the latter the most popular and hackable of all.
The most common and vulnerable passwords used were names like Blink182, a highly predictable one. Contrary to what many believe, the password abc123 was not one of the results shown. Brands, names of famous peoples, even superheroes like Superman.
123456 was the undisputed champion with 23.2 million accounts, an easy password to crack. 123456789 was used by 7.7 million accounts, while qwerty and password were used by 3 million accounts.
For this reason, the NCSC recommend a three “random yet memorable” element password to reduce the risk of hacking. Ian Levy, Head Technician of NCSC said:
“Reusing passwords is an avoidable risk. No one should protect their confidential data with something easy to guess, like first names, local soccer team or favorite band.”
“Using difficult passwords to guess is a first solid step, we recommend combine three random but memorable words. Be creative and use important words to you so nobody can guess your password.”
Moreover, 74% of Internet users use the same passwords in more than one web site. If a hacker gets that password, he will gain access to all your accounts. McAfee, service provider, highlights this trend of recycling passwords for the email, bank account, and social network accounts. There are sophisticated, quick, and effective programs to crack passwords, these are called password crackers, and are based in various combinatory systems. We cannot go down without a fight.
What is the solution?
Is easier than you might think, to start with try how simple is to hack your current password with the app Grader from Intel. This web page detects the weak points of your password and promises not to retain any kind of personal information; nevertheless, like it happens with any network related process, is best not to use our true password but a similar one. Once we input the password in this system, the user can watch a step-by-step about how his suppose safe password is hacked.