Although they are susceptible to issues such as cybercrime trends and the dynamics of human factors, passwords are a crucial security tool, and using strong, complex and unique passwords is known to be one of the essential measures for staying safe and facing the growing threats of the online world.
Despite repeated warnings from experts in the field, many internet users persist in bad habits that can jeopardize the security of their digital lives, as described by NordPass in the latest edition of its list of the most common passwords.
The company’s specialists analyzed a 3 TB database of information from 30 countries, including Portugal, in collaboration with independent investigators specializing in cybersecurity incidents.
As in previous years, passwords composed of simple sequences of numbers that can be deciphered by hackers in less than a second are among the top places in the ranking. Ironically, this year’s list of most common passwords is headed by the term “password,” but there’s also room for words like “guest” or “qwerty.”
In Portugal, the scenario is not very different. In addition to number sequences, football clubs, with emphasis on “benfica” or “sporting”, and proper names, including “miguel”, “gabriel”, “pedro” and the classic “maria”, are among the most common passwords. Terms such as “portugal” and “family” also appear in the Portuguese Top 20.
NordPass experts point out that current events and pop culture also influence the passwords used by internet users, which is far from a recommended strategy, as cybercriminals keep abreast of the latest trends.
For example, The Batman, Euphoria and Encanto were not only popular films and series last year. According to shared data, the password “batman” was identified 2,562,776 times. “Euphoria” and “enchantment” were detected 53,993 and 10,808 times, respectively.
Changing passwords is not enough: good habits to keep in mind
Changing the passwords used on your online accounts is just one of the measures you should take. Start by making sure your passwords are longer than 12 characters and include upper and lower case letters, numbers, and special characters.
It’s important to use a different password for each of your accounts. Do not forget: password reuse is a dangerous practice, because if one account’s credentials fall into the hands of cybercriminals, the rest are at risk.
If you suspect that one of your accounts has been compromised, or if the service you belong to has been the victim of a computer attack, change your password immediately. The HaveIBeenPwned platform can also help you check if one of your passwords has already been compromised.
In addition to changes after cyber attacks, experts in the field recommend renewing passwords regularly, ideally every 90 days, always checking that they are strong, complex and unique.
Online accounts that you no longer use, but that contain personal data, can be threatened. It is best to check your accounts and delete those that are not in use, as we explain in this How to TeK.
Password management services can be very useful, and in this article you will find eight proposals. Moreover, you should enable two-factor authentication on online accounts. If you haven’t already, follow the instructions in this How to TeK for some of the most popular platforms.
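One way to check a password against the habits described above (more than 12 characters, all four character types, no number sequence, no word from the lists of common passwords, no reuse), as an added example that is not from the article or from NordPass. The `audit` function, the substitution table and the handling of decorated words such as a club name followed by a year are assumptions made for illustration.

```python
import re

# Words the article reports among the most common passwords (global and Portuguese lists).
COMMON_WORDS = {
    "password", "guest", "qwerty", "benfica", "sporting", "miguel", "gabriel",
    "pedro", "maria", "portugal", "family", "batman", "euphoria",
}

# Constructed table that undoes common letter substitutions (an assumption, not from the article).
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def core_word(password):
    """Lower-case, drop digits/symbols at both ends, then undo letter substitutions."""
    stripped = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", password.lower())
    return stripped.translate(LEET)


def is_simple_sequence(password):
    """True for all-digit strings that repeat one digit or count up/down (123456, 987654)."""
    if not password.isdigit() or len(password) < 2:
        return False
    steps = {(int(b) - int(a)) % 10 for a, b in zip(password, password[1:])}
    return steps in ({0}, {1}, {9})


def audit(password, other_passwords=()):
    """Return the list of problems found; an empty list means every check passed."""
    problems = []
    if len(password) <= 12:  # the article asks for more than 12 characters
        problems.append("length")
    classes = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")
    if not all(re.search(c, password) for c in classes):
        problems.append("character classes")
    if is_simple_sequence(password):
        problems.append("number sequence")
    if core_word(password) in COMMON_WORDS:  # catches "Benfica2022!!" as well as "benfica"
        problems.append("common word")
    if password in other_passwords:  # the same password is already used on another account
        problems.append("reused")
    return problems
```

A password such as `Benfica2022!!` satisfies the length and character rules yet is still reported as a common word, which is why the composition rules alone are not a sufficient check.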
Is the future “passwordless”?
Just last year, on the date World Password Day was celebrated, Google, Apple and Microsoft announced that they would make available support for passwordless FIDO authentication standards.
Through the standard established by the FIDO Alliance and the World Wide Web Consortium (W3C), websites and applications can give users the ability to authenticate across multiple platforms and devices without using a password.
With this system, it is only necessary to unlock the smartphone, via a PIN, fingerprint or facial recognition, to sign in to websites or apps. The smartphone stores a FIDO credential, which is used to unlock the accounts.
Microsoft already offered the option to log into the Microsoft account without having to use a password, and with the arrival of iOS and iPadOS 16.1, Apple debuted the passwordless security system for Safari browsing. More recently, support for passwordless authentication is also available for Google Chrome.