Every security expert, or technology writer keeps telling people to have strong and robust passwords, preferably one with more than 13 characters. Yet, we found bad habits persist or ease of doing things makes people lazy. After evaluating over five million passwords leaked over the Internet, password management services-provider, SplashData, found '123456' and 'password' have remained two worst passwords in 2018. These two passwords have maintained their lead on the list for fifth consecutive year.
Each year, SplashData evaluates millions of leaked passwords to determine which passwords were most used by computer users during that year. Even with the risks well known, many millions of people continue to use weak, easily guessable passwords to protect their online information. Year 2018 was the fifth consecutive year that “123456” and “password” retained their top two spots on the list. The next five top passwords on the list are simply numerical strings.
For general sites, which do not affect you personally or financially, you need to use simple, memorable phrases, to create passwords. Reserve your strongest, most distinct passwords for critical services—like your bank account, your computer, personal e-mail and social media sites.
Never share your passwords with anyone. Create passwords using memorable phrases; mix it with numbers, special characters. Never use a word from a dictionary, either as base or password. Feel free to mix languages. For financial transactions, I would suggest a password with a length of at least 13 characters.
SplashData also advises to use passphrases of twelve characters or more with mixed types of characters, usage of different password to each login, and use of a password manager (app or software) to organise and generate secure random passwords.