Here Are the Worst Passwords of 2018

Splashdata has recently released its annual “Top 100 Worst Passwords” list for 2018, and the passwords used are still shocking as ever to see. Despite repeated warnings from cybersecurity experts on utilizing more complex, hard-to-guess passwords, the list still shows that the most popular choice for users is “123456”. Coming in at 2nd place is “password”. In these past five years, both passwords occupied the top of the list.

Popular name references have also been included as commonly used passwords, including “jordan”, “donald”, or “charlie”.

SplashData’s CEO Morgan Slain commented how, “Hackers have great success using celebrity names, terms from pop culture and sports, and simple keyboard patterns to break into accounts online, because they know so many people are using those easy-to-remember combinations.”

This “worst password” ranking is based on data gathered from more than 5 million passwords leaked from North America and Western Europe. Estimates have shown that 3 percent of people from the leaked accounts used the password “123456” and 10 percent had used at least one password from the Top 25.

It turns out not even breaking stories involving data breaches are enough to sway the population to strengthen their password choices.

As provided by SplashData’s list, here’s 25 of the worst passwords used in 2018:

1) 123456

2) password

3) 123456789

4) 12345678

5) 12345

6) 111111

7) 1234567

8) sunshine

9) qwerty

10) iloveyou

11) princess

12) admin

13) welcome

14) 666666

15) abc123

16) football

17) 123123

18) monkey

19) 654321

20) !@#$%^&*

21) charlie

22) aa123456

23) donald

24) password1

25) qwerty123

If any of these seem recognizable for your own accounts, we highly recommend you to update your password to something more complex. Phrases used with symbols and numbers ensure your account stays protected, as such passwords would be more difficult to guess. For example, rather than using a simple phrase like “technologyrocks”, use “T3chn0logyR0cks!” instead.

For the full list of the “Top 100 Worst Passwords of 2018,” see this post here.

ATTN Trello Users: Don’t Post Your Passwords on Your Boards

These days, with so many website accounts to keep track of, we turn to applications that can offer us the most convenience in maintaining all our passwords in one place, but dear Trello users: Trello is not a great way to preserve this precious information.

Initiated in 2011, Trello has become a space in which project collaboration with team members is made easy through sharing of boards and lists. However, the site has also become popular for the use of password listing for users, and this comes with consequence, as members of the community are susceptible to password thieves and hackers.

Research from David Shear of Flashpoint–a security firm–found that many users posted login credentials, passwords, and sensitive data on public, or “open” boards. He and Brian Krebs of KrebsOnSecurity alerted Trello of the boards, and some users have already been notified via comment posts like “Change your password” on their boards from other community members.

As Krebs explains on his post:

“One particularly jarring misstep came from someone working for Seceon, a Westford, Mass. cybersecurity firm that touts the ability to detect and stop data breaches in real time. But until a few weeks ago the Trello page for Seceon featured multiple usernames and passwords, including credentials to log in to the company’s WordPress blog and iPagedomain hosting.”

Trello is now working with both Krebs and Shear to purge the site of its public boards with sensitive data, further teaming up with Google to clear the cached sites.

As one Trello spokesperson comments:

“We have put many safeguards in place to make sure that public boards are being created intentionally and have clear language around each privacy setting, as well as persistent visibility settings at the top of each board.”

While Trello can be used for business purposes, it’s safe to say it’s not the best place to store your passwords, especially if there are options to make your boards public. Do yourself a huge favor, and steer clear of pasting passwords on sites/apps that can potentially post your information publicly.

For more information from the original article, please click here.

May the (Cybersecurity) Fourth Be With You & World Password Day

May 4th is a very important day for cybersecurity and Star Wars aficionados, alike. At Inverselogic we’re both, which is why we are celebrating World Password Day all while battling each other with lightsabers.

According to McAfee’s World Password Report, 34% of people surveyed report that they use the same password for multiple accounts. 37% of people are still storing their passwords on a piece of paper and kept in a place they deem of as safe. Most have yet to enable two-factor authentication.

With this being said, today should be the day that you change your passwords, Layer Up with two-factor authentication, and indulge in a nice, Star Wars binge-watching session with your Chewbacca mask on.

May the (cybersecurity) Fourth Be With You, young padawan. 

#Inverselogic #MaytheFourthBeWithYou #LayerUp #WorldPasswordDay

For more information, please read McAfee’s report by clicking here.

Predictability of Your PIN Code

Taking advantage of holiday sales might mean more trips to the bank and frequent use of your debit card. Unfortunately, the more you use your bank card the higher your risk of vulnerability to fraud and identity theft. Have you ever wondered how easy it might be for someone to crack your PIN code? Database analysts at DataGenetics broke down the trends in passwords from previously released tables and security breaches.

The most common four digit password was”1234″ which accounted for 10.7% of all passwords analyzed. Not surprisingly, the second and third most common passwords were “1111” and “0000”. Think those are too easy to guess? If you use numbers like your birth date, zip code, or street number, your code can easily be guessed if your wallet is lost or stolen along with your debit card and ID. It would be safer to use a relative’s birth date or a number unrelated to your personal information.

The 20 most commonly used password codes are fairly predictable.

The most uncommon codes from the data set were “8068” and “8093”. But we suggest a safer strategy for keeping your money protected- keep your debit card secured at home when it’s not needed and use credit cards during busy shopping seasons instead.This way any fraud using your identity can be disputed, leaving your hard earned cash safe and untouched. Fraud of any kind is a hassle and can be a danger to your finances, but it is much easier to dispute a charge on credit than decreased cash in your account when bills need to be paid. So enjoy the after-Christmas sales, and remember to practice safer shopping!