by While they are also sensitive to issues such as cybercrime trends or even human factor dynamics, passwords are a critical security tool and it is known that the use of passwords powerful, complex and unique is one of the key measures to stay safe and deal with the growing threats of the online world.
However, despite repeated warnings from experts in the field, Many Internet users continue to maintain bad habits that can compromise the security of their digital livesas described by NordPass in the latest version of the most common passwords list.
The company’s experts analyzed a 3TB database, with information from 30 countries, including Portugal, in collaboration with independent researchers specializing in cyber security incidents.
Click through the list to see the Top 20 Worst Passwords of 2022
As in previous years, Passwords consisting of simple sequences of numbers, which can be deciphered by hackers in less than a second, are among the top ranked. This year, the list of most common passwords is ironically topped by ‘password’, but there’s also room for words like ‘guest’ or ‘qwerty’.
In Portugal, the scenario is not much different. and, except for sequences of numbers, football clubshighlighting “benfica” or “athletico”, and proper names, between “miguel”; “Gabriel”, “pedro” and the classic “maria”, are among the most common passwords. Terms such as “portugal” and “family” are also included in the Portuguese Top 20.
NordPass experts point it out events that mark current affairs and pop culture also influence the passwords that Internet users usewhich is far from a recommended strategy as cybercriminals keep abreast of the latest trends.
For example, The Batman, Euphoria and Encanto were not only popular movies and series last year. According to shared data, the code “batman” was recognized 2,562,776 times. “Euphoria” and “charm” were found 53,993 and 10,808 times, respectively.
Changing passwords is not enough: good habits to keep in mind
Changing the passwords used on your online accounts is just one of the steps you should take. Start with if make sure your passwords are longer than 12 characters, including upper and lower case letters, numbers and special characters.
It is important that use a different password for each of your accounts. Do not forget: Reusing passwords is a dangerous practicebecause if one account’s credentials fall into the hands of cybercriminals, the rest are at risk.
If you suspect that one of your accounts has been compromised or if the service you belong to is the victim of a computer attack, change your password immediately. The HaveIBeenPwned platform can also help you check if any of your passwords have already been compromised.
In addition to changes after cyber attacks, experts in the field recommend this renew passwords on a regular basis, ideally every 90 daysalways checking if they are strong, complex and unique.
Online accounts that you no longer use but contain personal data may be subject to threats. It is best to check your accounts and eliminate those that are not being used.as we explain in this How to TeK.
Password management services can be very useful and, in this article, you can find eight suggestions. Moreover, you should enable two-factor authentication on online accounts. If you haven’t already, follow the instructions in this How to TeK for some of the more popular platforms.
Is the future “passwordless”?
Just last year, on the date World Password Day was celebrated, at Google, Apple and Microsoft they announced that they were going to be available support for passwordless FIDO authentication standards.
Through the standard created by the FIDO Alliance and the World Wide Web Consortium (W3C), websites and applications can provide users with ability to authenticate across multiple platforms and devices without the use of a password.
Through the system you will only need to unlock the smartphonevia pin, fingerprint or facial recognition, to log in to websites or apps. The smartphone begins to store a FIDO credential, which is used to unlock accounts.
Microsoft already provided the option to sign in to your Microsoft account without having to use a password, and with the arrival of iOS and iPadOS 16.1, Apple debuted its passwordless browsing security system in Safari. More recently, Support for passwordless authentication has also come to Google Chrome.
Click on the images for more details
