We all know it’s important to have a strong password. If a hacker is able to access your account, they could obtain dangerous information, install malware, steal data, or attempt a cyber-fraud like whaling.
A survey by Google found that 50% of people use the same passwords for the majority of their accounts, making them easy to hack.
According to data obtained by the National Cyber Security Centre, some of the most common passwords are:
In 2012, millions of LinkedIn users had their usernames and passwords breached. This meant that accounts were hacked and cybercriminals sent messages and posted links from people’s profiles, causing their ‘connections’ on the site to click on infected links which may have contained malware or ransomware. Some reports suggested that as many as 170 million accounts were compromised.
A recent survey by security.org found that 14% of 750 Americans are currently using "Covid-19" as part of their passwords!
Password best practice
Make sure to use different passwords for different accounts. Don’t use the same password at work that you use for personal accounts at home.
Current password guidance recommends that passwords should be made up of three or more random words strung together e.g. 'coffeetrainfish' or ‘walltinshirt’, with capital letters, special characters and random numbers mixed in e.g. ‘CoffeeTrainFish62#’ or ‘48!WallTinShirt’.
You must always ensure not to reuse passwords or have ones that are similar to your previous passwords. They should all be totally unique across systems and after a password change.
Avoid anything that hackers could guess or get hold of from social media, such as:
- your name
- favourite football team
- recent holiday destinations
- child’s name
- your birthday
- partner’s name
- pet’s name
If you suspect you’ve been hacked, change your password immediately. You should always use different passwords for every account, and never write them down or store them in a shared file.
Find out more on the NCSC's website