And Your Password Is… Password

Guy Bunker

A report into the Top 10 passwords for 2008 puts ‘Password’ at the top of the list. It’s been in the top 5 for years – why? You would have thought that people would realise that if it (whatever it is) is worth protecting by a password then they would realise that it is of value to someone else.

‘But… it’s only my blog’ or ‘It’s just my social networking account’ or … there is an endless supply of excuses as to why people chose weak passwords – listen up, if it has a value to you, it has a value to someone else. So, now let’s play a game of ‘What If’… and this is what you need to do when setting a password (partner’s name, child’s name, pet’s name – they are all in the popular list – and easily guessable – by machine, don’t think that someone is typing them in, oh no, its all done by machine)… so what if someone gets onto your site and defaces it, perhaps posts objectionable content or pictures, perhaps emails all your friends and tells them that you hate them… it’s coming from your account, they will be impersonating you, how do they know it’s not you? How long will it take to repair the damage caused? Hopefully the picture is clearer now… so when you chose a password make it a strong one – put in a number or two, perhaps some punctuation and have it at least 8 characters long. That way someone won’t come along and hijack your account and maybe your reputation as well.

(Just so you know… the same goes for work passwords as well – many companies have policies and protection in place for work based passwords… and for good reason. Imagine if someone could impersonate you and therefore your company…)


One Response to “And Your Password Is… Password”

  1. » Generating secure passwords on July 14th, 2008

    [...] One corporate blogger at Symantec recently wrote about the useless passwords that people use (with various lists placing “password”) at or close to the top of the list. His source contained some dubious claims (e.g. it claimed that one of the top passwords across Europe is “monkey”… maybe that is the case for English speaking Europeans but it’s unlikely to be the case in French, German, Spanish, Italian, Portugese, Greek, etc., etc.) but his point is valid – systems that require a password require one for a reason – usually to protect either the data contained in the system, or the reputation/identity of the person to which access is being granted or the company who operates the system. [...]

Leave a Reply