In the digital age, where our lives are intricately woven with online interactions, cybersecurity is not just a buzzword—it's a necessity. As we navigate through various online platforms, from banking to social media, the significance of a strong password cannot be overstated. Joe Cockroft, an ethical hacker with a wealth of experience in breaching complex systems and understanding the tactics of cybercriminals, has sounded the alarm on the common password pitfalls that many of us are guilty of.

The convenience of using easily remembered personal information as a password is a double-edged sword. While it may seem harmless to use your beloved pet's name or your hometown as a password, Cockroft warns that these choices are far from secure. Cybercriminals are adept at mining personal data from social media profiles and other public records, making such passwords low-hanging fruit for their nefarious activities.

Are you using these common passwords? Credit: Shutterstock

Cockroft's insights align with the findings of NordPass's Most Common Password List, which highlights the prevalence of passwords related to football teams and other single-word options in the UK. These passwords lack complexity and are often the first to be tested by hackers using sophisticated software that can run through millions of potential passwords in a matter of seconds.

If your password is '123456', 'password', or anything similarly simplistic, it's time for an immediate change. These are among the most commonly used passwords and are equivalent to leaving your front door wide open with a neon welcome sign for cyber thieves.

For those struggling to conjure up a strong password, Cockroft offers a lifeline of advice. He suggests creating a combination of letters, numbers, and symbols that are complex and unique to each account. This reduces the risk of a domino effect where one compromised account leads to the breach of several others.

Moreover, Cockroft emphasizes the importance of vigilance. Regularly checking if your accounts have been compromised allows you to take swift action, such as changing your password or securing your account before significant damage is done.

Now, let's unveil the top 10 passwords that you should eliminate from your digital life immediately:

1. 123456
2. password
3. 123456789
4. qwerty
5. 12345
6. 12345678
7. 111111
8. 123123
9. 000000
10. abc123

These passwords are not just predictable; they're an open invitation to cybercriminals. It's time to get creative and secure your digital presence. Consider using a password manager to generate and store complex passwords, enabling you to maintain strong security without the need to remember every single one.

Key Takeaways

• Ethical hacker Joe Cockroft advises against using easily guessable passwords, such as personal information or favourite sports teams.
• Common and simple passwords, like '123456' or 'password', remain popular and are highly insecure.
• A secure password should be a complex combination of letters, numbers, and symbols and should not be reused across multiple accounts.
• Regular checks to see if accounts have been compromised are recommended, allowing for prompt password changes and account security management.

Dear members of the Seniors Discount Club, we urge you to take a moment to review your passwords and update them where necessary. Share this information with friends and family to spread awareness about the importance of cybersecurity. And remember, if you have any concerns or need assistance, don't hesitate to reach out for help. Your online safety is paramount, and a strong password is the first line of defense in protecting your digital life.

 

[Veggiepatch]

My password is "F**kYoUc**T666". Not really!

For those struggling to conjure up a strong password, Cockroft offers a lifeline of advice. He suggests creating a combination of letters, numbers, and symbols that are complex and unique to each account. This reduces the risk of a domino effect where one compromised account leads to the breach of several others.

But this advice is hogwash and using a password manager is even worse.

I have exactly the same password for my financial institution, myGov, tertiary institutions, internet forum access, applications access and a whole lot more. Using a password manager means that your passwords are saved remotely and open to hacking as much as the Optus, Medibank or Temu data breaches.

 

[IAN3005]

Hasn't he heard of 2-step verification?
When you log on it redirects to your mobile phone for verification.

 

[Veggiepatch]

Hasn't he heard of 2-step verification?
When you log on it redirects to your mobile phone for verification.

Applications where money is involved has this feature such as banks and betting accounts. Also with a government workplace log on.

You get a verification code sent to your mobile phone which you enter in the application's log on field before progressing any further. They usually have a very short life before you get denied access. Make too any failed attempts and you get shut out permanently. Getting back in can be a nightmare.

 

[Mr Chips]

I was just thinking about a password manager system when I realized that you need a master password to activate it. That means that if a hacker was to figure out your master password he/she would have access to every single program that I use. Wow, not for me then.

 

[Bridgit]

My password is "F**kYoUc**T666". Not really!

For those struggling to conjure up a strong password, Cockroft offers a lifeline of advice. He suggests creating a combination of letters, numbers, and symbols that are complex and unique to each account. This reduces the risk of a domino effect where one compromised account leads to the breach of several others.

But this advice is hogwash and using a password manager is even worse.

I have exactly the same password for my financial institution, myGov, tertiary institutions, internet forum access, applications access and a whole lot more. Using a password manager means that your passwords are saved remotely and open to hacking as much as the Optus, Medibank or Temu data breaches.

I use a Password Manager BUT I choose to setup my passwords and save them into it - like a filing cabinet. Not wrapped in letting it decide my password - I also use verification codes for the manager and logins.

 

[Wandiwa]

How I build my unique but easy to remember passwords .........
as an example: I have 2 kids named Fred & Mary = first letter of each word gives the password Ih2knF&M

 

[Suzanne rose]

How I build my unique but easy to remember passwords .........
as an example: I have 2 kids named Fred & Mary = first letter of each word gives the password Ih2knF&M

That's a good one , I would have a really long pass word so maybe it would be unhackable

 

[Hollingworthlake]

Yes it is important to be original with passwords. But I have so much trouble remembering what I’ve changed them to. So annoying to think hackers make it difficult for honest people to communicate about

 

[Mary_Again]

I'm hesitant about using a mobile phone as verification - what happens if it's lost or stolen? Also, I avoid automatic verification by my system or permanently opened email accounts, particularly those linked to a financial account or card. I used to accept automatic verification, until I upgraded my computer and forgot one of my passwords (I hadn't used it for months!). The system refused to let me in, claiming I wasn't using a RECOGNISED device. Now I have to enter my password every time I open an account, so I use and so REMEMBER my passwords. Also, if anyone gets access to my computer they will HAVE to break my password to get in. It is extra effort, but I think worth it. I won't let any system get access to my passwords (deliberately at least), like "Google".

 

[Abby2]

I bought new mobile yesterday at Woolies
- it requires My driving license ???
and am unable to log in as I do not have a smart phone to verify my ID???

 

[Mary_Again]

I bought new mobile yesterday at Woolies
- it requires My driving license ???

What happens if you don't have a driving licence? Google? I'm not keen on giving access to such information (or similar) it's as bad as banks forcing you to use cards instead of cash, then charging you for doing so! But then I don't agree with their sending Medicare cards through the mail either! You go through all the effort of proving who you are, then risk identity theft by mail. Not everyone can afford OR access mailboxes (assuming they are safer).

 

[Mr Chips]

How I build my unique but easy to remember passwords .........
as an example: I have 2 kids named Fred & Mary = first letter of each word gives the password Ih2knF&M

AAAAAAH you just gave everyone your password, now what?

 

[Abby2]

I bought new mobile yesterday at Woolies
- it requires My driving license ???
and am unable to log in as I do not have a smart phone to verify my ID???

If I have to have another smart phone to verify my ID then
What did Telstra require My driving license for ???

 

[Mr Chips]

If I have to have another smart phone to verify my ID then
What did Telstra require My driving license for ???

Credit check.

 

[Gsr]

I have a special book that I write all my passwords in. My social media accounts are limited to family and about three friends, I dont discuss much about my family online with any of them so it would be hard for anyone to glean anything much useful off me.