If Your Password Is On This List, It’s Time to Change It

Foley Hoag LLP - Security, Privacy and the Law

It’s been several years since I have written about password hygiene. I have been hoping that a better security solution would be widely adopted, and while I hear rumors in that regard, passwords still reign supreme. So when I saw that the SafetyDetectives website had listed the 30 most common passwords, it seemed like a good time to revisit the topic. Their study found that “123456” and “password” still lead the list of most common passwords. Sigh.

If you find yourself on that list, do not despair. The good people at the FTC have provided some common-sense, free guidance when it comes to passwords:

  • Make sure your password is long and strong. 
    • That means at least 12 characters. Making a password longer is generally the easiest way to make it stronger.
    • Consider using a passphrase of random words so that your password is more memorable, but avoid using common words or phrases.
    • If the service you are using does not allow long passwords, you can make your password stronger by mixing uppercase and lowercase letters, numbers, and symbols.
  • Don’t reuse passwords you’ve used on other accounts. 
    • Use different passwords for different accounts. That way, if a hacker gets your password for one account, they can’t use it to get into your other accounts.
  • Use multi-factor authentication when it’s an option. 
  • Consider using a password manager.  This lets you use more complex passwords and share them in a trusted circle.  
  • Pick security questions only you know the answer to. 
    • If a site asks you to answer security questions, avoid providing answers that are available in public records or easily found online, like your zip code, birthplace, or your mother’s maiden name.
    • And don’t use questions with a limited number of responses that attackers can easily guess — like the color of your first car.
    • You can even use nonsense answers to make guessing more difficult — but if you do, make sure you can remember what you use.
  • Change passwords quickly if there’s a reported breach. 

Like everything else, passwords have an AI angle.  ChatGPT probably can’t guess your passwords, but other AI applications can, especially if the passwords are short and commonly used.  So take advantage of the long Juneteenth weekend and raise your password game.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Foley Hoag LLP - Security, Privacy and the Law | Attorney Advertising

Written by:

Foley Hoag LLP - Security, Privacy and the Law