For any business that is connected to the Internet and accepts payments other than cash or check, maintaining PCI Compliance is extremely important. In today’s world, more of our lives and our businesses depend on using the Internet. One important part of PCI Compliance is protecting your computer systems by using secure passwords. As the past year and the past decade have come to a close, we take a moment to examine the worst passwords of not only the past year but also the past decade.
Every year there are data breaches. There were thousands of them in 2019 and that means that a lot of information is stolen, passwords in particular. This information is then put on the dark web for sale. At the end of every year these files are analyzed to determine what the worst passwords are for people to use and unfortunately people do not seem to learn.
For the record, 2010 is covered by Symantec here. Lists from 2011 on have been compiled by SplashData. For a top 25 list from 2011-2019 click here, and the full 2019 top 100 can be viewed here.
What Passwords Not To Use In 2019
Unfortunately, every single year it seems like the same passwords top the list. The order may be slightly different, but the entries seem to be the same ones, and 2019 is no different. Taking the not-so-coveted top spot as the most common password used on the Internet in 2019 is 123456. Other variations of that password are also found in the top 10: 123456789 came in at #2, 1234567 came in at #5, 12345678 came in next and 12345 came in at #7.
The #3 spot was held by qwerty, with #4 being a former top spot dis-honoree in password. #8 was iloveyou, #9 was 111111 and rounding out the top 10 was 123123. If you are using any of these passwords, change it now. Do it now! We will wait for you.
In the past decade either 123456 or password has held down the top spot. It is slightly encouraging to see the use of password begin to decline, and we will see if that trend continues into the 2020s.
The Past Decade
In many cases the top 10 has not really changed all that much in the past decade but there have been some passwords that have fallen out of use. Popular passwords in the top 10 in 2010 that have fallen out are #5 pussy, #7 dragon, #9 696969 and #10 mustang. In 2019 these passwords have fallen out of favor. Pussy and mustang are no longer found in the top 100, dragon has fallen to #23, and 696969 has fallen to #93.
Others that have entered and left the top 10 include monkey, letmein, trustno1, baseball, football and sunshine, among others. As a reminder, while it is good to stop using a password like this, simply changing it to another commonly used password is not a good idea.
These ignominious lists also are reflections of culture. Popular movies or movie themes can be found and as the buzz around them changes those passwords fall out of favor. All that proves is that people do know how to change their passwords. These include the previously mentioned football and baseball as well as wizard, solo, starwars, batman, soccer, hockey, superman and princess. For whatever reason basketball never made it (that does not mean that it is a good password to use!).
Names are also a popular choice and some that have graced the top 100 include michael, jordan, jennifer, hunter, thomas, robert, buster, george, andrew, charlie, jessica, william, daniel, heather, joshua, ashley, maggie, michelle, matthew, ginger, nicole, sparky, taylor, amanda, donald and bailey. Using a name is not a good idea. These can be easily found for yourself, your significant other and even your kids.
What Is A Secure Password
We have been over this before, but it bears repeating. A secure password should be a mix of letters, numbers and even special characters. It should be at least 8 characters long, but it is recommended that it be longer, at least 16 characters if possible. Making it this long and more complex will make it not only harder to guess but also harder to brute force. It will also make it harder to remember, so using a program like a password manager is a must.
The more complex the password, the harder it will be to break. Password generators can be found on the Internet; here is one of them. The harder a password is to break, the more secure your computer systems are, and that will make PCI Compliance easier on you. This is something that your employees should heed as well, since your system’s security is only as strong as its weakest link.
Either way, pull up these lists and make sure that your password is not found on them. If it is, you need to change it. The future of your business could depend on it.
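The check described above, a lookup against the common-password lists plus the length and character-mix guidance, can be automated. The following Python sketch is an added example, not part of the original article: its list holds only passwords named in this article (not the full SplashData top 100), and the stripping of surrounding digits and symbols to catch lightly decorated variants is an assumed heuristic that goes beyond what the article describes.

```python
import string

# Passwords and names called out in this article (a subset, not the full list).
COMMON = {
    "123456", "123456789", "qwerty", "password", "1234567", "12345678",
    "12345", "iloveyou", "111111", "123123", "dragon", "696969", "mustang",
    "monkey", "letmein", "trustno1", "baseball", "football", "sunshine",
    "wizard", "solo", "starwars", "batman", "soccer", "hockey", "superman",
    "princess", "michael", "jordan", "jennifer", "hunter", "thomas",
}

MIN_LEN = 8           # the article's minimum length
RECOMMENDED_LEN = 16  # the article's recommended length


def variants(pw):
    """Assumed heuristic: strip digits/symbols wrapped around a listed word."""
    low = pw.lower()
    return {low.strip(string.punctuation),
            low.strip(string.digits + string.punctuation)}


def screen_password(pw):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    if pw.lower() in COMMON:
        findings.append("on common-password list")
    elif variants(pw) & COMMON:
        findings.append("common password with digits/symbols added")
    if len(pw) < MIN_LEN:
        findings.append(f"shorter than {MIN_LEN} characters")
    elif len(pw) < RECOMMENDED_LEN:
        findings.append(f"shorter than recommended {RECOMMENDED_LEN} characters")
    classes = {
        "letter": any(c.isalpha() for c in pw),
        "number": any(c.isdigit() for c in pw),
        "special character": any(not c.isalnum() for c in pw),
    }
    missing = [name for name, present in classes.items() if not present]
    if missing:
        findings.append("missing: " + ", ".join(missing))
    return findings


if __name__ == "__main__":
    # Constructed sample inputs, for illustration only.
    for sample in ("123456", "Dragon2019!", "TrustNo1!", "v7#Lq9!tRz2@mXp4Kd"):
        print(f"{sample!r}: {screen_password(sample) or 'passes'}")
```

Passing this screen only means a password avoids the weaknesses listed here; a randomly generated password stored in a password manager remains the stronger choice.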