The annual list for the top (worst) passwords is out, and it does not bode well for password security. While many people have moved on from last year’s “password”, many have chosen “123456” as a replacement. Other favorites include “abc123”, “admin” and “letmein”. Even if your password is slightly more creative, the new year is a great time to revisit your password security.
Many people choose a single, easy to remember password for all of their online accounts, including web hosting, simply because it is too difficult to remember so many. They also tend to use simple passwords because they might believe that it is too difficult to remember a complex one. After all, we live in an age where you no longer even have to remember someone’s phone number, as your phone stores it for you.
To make things a little easier, many password generators offer mnemonic devices to help you remember your password. For example, the Linux-based tool APG will give you a pronounceable password like TahyHoavros8 and then tell you to pronounce it “Ta-hy-Hoav-ros-EIGHT”.
Some security companies are also now offering cloud-based password vaults that store all of your passwords and allow you to access it with a single master password. This might be good for some, but those worried about storing such data online might find it unsettling. Instead, you could use a tool like Truecrypt to create your own encrypted password vault that only you can access on your own computer. Of course, if you use “123456” as the password to gain access to it, you have still missed the point.