Shaking my head. Considering all the public and political furor over the past few years about passwords…

  • Facebook /Harvard Analytica data leak…
  • Yahoo reporting 3 billion of its customer accounts hacked in 2013…
  • Equifax revealing that Social Security numbers, credit card numbers, names and addresses were stolen from over 140 million Americans…

… one would think we have all become more vigilant about our personal first line of defense, passwords. One would think.

A recent study (commissioned by password management website LastPass ) found that 91% of people knew using the same password for multiple accounts was wrong — but 59% did it anyway! What??? You can’t blame this stupidity on the Trump administration (well, you can blame it for not making a greater effort to publicize this).

No, this falls to you, the public and small business owners who take the short cut with simplistic passwords. Do you know what the top passwords for 2017 were? Some of you only need to look at the slip of paper hidden under your keyboard.

SplashData has published its annual list of the 25 worst passwords of 2017 (as compared to 2016 positions) You can see the full list in this article from Fortune.

  1. 123456 (Unchanged)
  2. Password (Unchanged)
  3. 12345678 (Up 1)
  4. qwerty (Up 2)
  5. 12345 (Down 2)
  6. 123456789 (New)
  7. letmein (New)
  8. 1234567 (Unchanged)
  9. football (Down 4)
  10. iloveyou (New)
  11. admin (Up 4)
  12. welcome (Unchanged)
  13. monkey (New)
  14. login (Down 3)
  15. abc123 (Down 1)
  16. starwars (New)

SplashData CEO Morgan Slain has stated. “Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words.” Words like “Starwars.”

In fact, nearly 70% of responding millennials to the Last Pass survey settle for a variation of one or two passwords on all their personal and business accounts so that they can remember them more easily. Does this sound like you?

I got a bad feeling about this…

According to the LastPass study, FIVE MILLION records are breached daily. Daily.

Could any of yours have been hacked? I found a tool for you to use. It’s called Pwned Passwords. Four of  mine weren’t. One was. Try it!

So, what can you do? CHANGE YOUR PASSWORDS. Regularly.

Mix the name of every Avenger with a city in Scandinavia? Do a password partially in English and partially in a foreign language (or better, alien, such as Klingon)? Take the time and be imaginative.

The harder you make it for you to create, the harder it will be for the hacker to break.

(Your thoughts are ALWAYS welcome. Turn this into a conversation either here or on my Twitter account @amssvs}