So far we’ve looked at phishing and whaling, and ransomware. Today’s topic is password security.
According to an analysis of millions of ‘dumped’ passwords, the 10 most common were:
Research shows that the majority of people use only two passwords for all of their accounts, making them easy to hack. Using the top 10 passwords listed above, it’s estimated that a hacker would be able to guess an average of 16 out of 1,000.
In 2012, millions of LinkedIn users had their usernames and passwords breached. This meant that accounts were hacked and cybercriminals sent messages and posted links from people’s profiles, causing their ‘connections’ on the site to click on infected links which may have contained malware or ransomware. Some reports suggested that as many as 170 million accounts were compromised.
A secure password should be at least 13 characters long and include a mixture of letters, numbers and special characters. The National Cyber Security Centre (NCSC) recommends using three random words with numbers and symbols, for example coffeePostcardgreen39!
Details that hackers could guess or get hold of easily from social media should always be avoided, such as:
- your name
- favourite football team
- recent holiday destinations
- child’s name
- your birthday
- partner’s name
- birth place
- pet’s name.
If you suspect you’ve been hacked, change your password immediately. You should always use a different password for every account, and never write them down or store them in a shared file. More information can be found on the NCSC's website.