World Password Day is celebrated on the first Thursday of May each year to raise awareness about the importance of password security, the most prominent threats, and best practices for users to follow. Passwords are a constant for almost all online activities. Creating and managing numerous complex passwords can be a PIA. However, poor password habits can result in data theft or account takeovers.
World Password Day Timeless reminders
Make sure none of your passwords are on the list of known bad passwords (or any other list). If they are, log on and change them immediately.
Use two-factor authentication whenever possible. Even if a hacker has your password, they won’t have that random code and therefore won’t be able to get into your account. Not sure if your favorite website supports two-factor authentication? Search the Two Factor Auth List to find out.
Consider a password manager. Your brain is no longer an adequate password manager.
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Password manager proprietor NordPass has released its third annual list of most common passwords. The firm worked with security experts to cull the top compromised passwords for 2022 from 3TB of stolen password data found on the dark web. What they found is like déjà vu, all over again.
2022’s most commonly found password “password” has been in the top 5 since 2019. “Password” was found nearly 5 million times in the NordPass list from the dark web. Eight variants of “password” are included in the list.
| Rank | Password | Count |
|---|---|---|
| 1 | password | 4,929,113 |
| 34 | pass@123 | 39,046 |
| 56 | password1 | 25,113 |
| 139 | Password | 12,029 |
| 173 | password123 | 9,889 |
| 188 | Pass@123 | 9,359 |
| 189 | passw0rd | 9,349 |
| 192 | Password1 | 9,220 |
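The eight variants above differ only in case, padding digits and look-alike characters, so an exact-match lookup against a bad-password list misses most of them. The Python check below is an added example, not code from NordPass or from the original post; it normalizes a candidate before comparing it. The names `weak_reason`, `EXACT`, `BASE_WORDS` and `LEET` are assumptions, and the sample entries are constructed from passwords quoted on this page.

```python
import re

# Constructed sample data: entries copied from the lists quoted on this page.
# A production deny list would be loaded from a full breach corpus.
EXACT = {"1q2w3e", "abc123", "qwertyuiop", "1q2w3e4r5t", "iloveyou"}
BASE_WORDS = {"password", "pass", "qwerty", "guest", "superman", "batman",
              "starwars", "matrix"}

# Illustrative substitution map (assumption): undo common look-alike swaps.
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "3": "e",
                      "1": "i", "$": "s", "5": "s", "7": "t"})


def _is_digit_run(s):
    """True for digit strings that count up or down by one (wrapping 9->0)."""
    if not s.isdigit() or len(s) < 3:
        return False
    steps = {(int(b) - int(a)) % 10 for a, b in zip(s, s[1:])}
    return steps in ({1}, {9})


def weak_reason(candidate):
    """Return why a password should be rejected, or None if no rule fires."""
    s = candidate.lower()
    if s in EXACT:
        return "exact"
    if len(set(s)) == 1:
        return "repeat"          # e.g. 111111, 000000
    if _is_digit_run(s):
        return "sequence"        # e.g. 123456, 987654321
    # Strip digit/symbol padding from both ends, then undo substitutions.
    core = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", s).translate(LEET)
    if core in BASE_WORDS:
        return "variant:" + core
    return None
```

A result of `None` only means none of these rules fired; length and breach-corpus checks still apply separately.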
The second most popular password “123456” had held the number 1 spot in 2020 and 2021.
C-level passwords
NordPass also looked at leaked C-level passwords. The big bosses are not better than their staff. C-level staff use the same top ten bad passwords.
123456
password
12345
123456789
qwerty
1234
qwerty123
1q2w3e
111111
12345678
Other password facts
For the first time, the NordPass results were broken out by gender. Both men and women favored the same top bad passwords.
Movies on the list:
#125 “superman” was used 12,100 times.
#171 “matrix” was used 10,122 times.
#185 “batman” was used 9,407 times.
#196 “starwars” was used 9,091 times.
Hockey teams are popular for bad passwords. “Detroit Red Wings” and “Columbus Blue Jackets” were among the most popular sports-themed bad passwords.
On the music front, “U2”, “Prince” and “Metallica” were popular hacked passwords.
Small cars are popular for lazy passwords. “mini”, “kia”, and “vw” were frequently used.
2022’s worst passwords
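| Rank | Password | Change from 2021 |
|---|---|---|
| 1 | password | +4 |
| 2 | 123456 | +1 |
| 3 | 123456789 | -1 |
| 4 | guest | New |
| 5 | qwerty | -1 |
| 6 | 12345678 | 0 |
| 7 | 111111 | 0 |
| 8 | 12345 | -5 |
| 9 | col123456 | New |
| 10 | 123123 | -2 |
| 11 | 1234567 | -1 |
| 12 | 1234 | +5 |
| 13 | 1234567890 | -4 |
| 14 | 000000 | -2 |
| 15 | 555555 | New |
| 16 | 666666 | +8 |
| 17 | 123321 | +2 |
| 18 | 654321 | +5 |
| 19 | 7777777 | New |
| 20 | 123 | New |
| 21 | d1lakiss | New |
| 22 | 77777 | New |
| 23 | 110110jp | New |
| 24 | 1111 | New |
| 25 | 987654321 | 0 |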
rb-
It is worth pointing out again, and again again.
Make sure none of your passwords are on this (or any other) list. If they are, log on and change them immediately.
Use two-factor authentication whenever possible. Even if a hacker has your password, they won’t have that random code and therefore won’t be able to get into your account. Not sure if your favorite website supports two-factor authentication? Search the Two Factor Auth List to find out.
Consider a password manager. Your brain is no longer an adequate password manager.
It's Super Bowl time again. Many people look forward to the big game ads that are created specifically for the semi-official national holiday. Companies spend a LOT of money to advertise during the big game. Statista found that since 2010, the average rate for a 30-second spot during the Super Bowl broadcast has risen from $2.77 million to $6.50 million, making it by far the most expensive time slot U.S. television has to offer.
The payback is huge. According to Statista, viewers tend to pay special attention to Super Bowl ads, as agencies typically try to honor the big game with especially witty and funny ads. In recent years, the dawn of YouTube has added another bonus for Super Bowl advertisers seeing that the most popular ads often reach millions of additional viewers on the platform.
Here are my most memorable Super Bowl tech ads in chronological order.
Xerox “Monks” (1976)
In this Xerox spot for Super Bowl X, Brother Dominic has a problem. The head of his order wants 500 copies of a handwritten manuscript. So he does what any smart monk would do — he turns to Xerox (XRX). The miraculous Xerox 9200 duplicating system saves the day. The Xerox 9200 duplicating system feeds and cycles the originals, duplicates, reduces, collates and more, all at “an incredible 2 pages per second.” Hallelujah!
Apple “1984” (1984)
The iconic 1984 Apple (AAPL) Macintosh commercial aired on television only once – during the 3rd quarter of Super Bowl XIX. Based on George Orwell’s novel, Nineteen Eighty-Four, the spot told the world the new Apple Macintosh computer would free individuals from the overbearing control of “Big Brother” – presumably, IBM’s Personal computer.
Iomega “Bermuda Triangle” (1998)
This Super Bowl XXXIII spot from Iomega shows the interior of an airplane flying through the Bermuda Triangle, with multiple objects (and people) rapidly disappearing around the spokesperson. Ironically, Iomega Zip drives were often subject to a phenomenon known as the “click of death” — a sound marking the drive’s failure and complete data loss.
Monster “When I Grow Up” (1999)
Monster.com’s excellent ad for 1999’s Super Bowl XXXIV captured the malaise of Y2K. The ad featured children explaining what they would be when they grew up, including “I want to climb my way up to middle management.” The end of the ad displays the message “What did you want to be?” The message was a simple and effective debut – Monster.com helps you get a new job. Sounds like a precursor of 2022’s Great Resignation.
E*Trade “Monkey” (2000)
This 2000 Super Bowl XXXIV ad from E*Trade was originally written to lampoon the expense of advertising on the big game. It turns out to foreshadow the dot-bomb. In the ad, a chimp dances as two men clap for 30 seconds. The ad closes with, “Well, we just wasted 2 million dollars. What are you doing with your money?”
Spooky from a stock market player.
Hulu “Alec in Huluwood” (2009)
In this Super Bowl XLIII ad Alec Baldwin introduced Hulu to the general public. The ad claims that the streaming service was actually an evil alien plot to destroy the world.
When you’re as big a star as Sir Anthony Hopkins, you don’t ever need to sell anything. Especially if it was free. This subtle TurboTax Super Bowl L ad was a hit in 2016.
Dashlane “Password Paradise” (2020)
The password manager went big time in 2020 with a Super Bowl LIV ad. As followers of the Bach Seat know, passwords suck, and Dashlane made it clear how important it is to know your passwords.
rb-
Those were my most memorable Super Bowl tech ads in chronological order. Did I miss any memorable Super Bowl tech ads?
Today is Data Privacy Day. Data Privacy Day commemorates the first legally binding international treaty dealing with privacy and data protection, signed on January 28, 1981. It is observed annually in Canada, the U.S. and Europe. In North America, the Data Privacy Day campaign is officially led by the National Cyber Security Alliance (NCSA).
Data Privacy Day Tips
The more information you share about yourself (as well as your friends and family), the greater the risk of exposure to online threats such as identity theft, cyber-stalking and cyber-bullying. Here are some simple tips on how to protect your online information, identity and privacy on Data Privacy Day 2022.
Secure access to your devices
Use strong passphrases, passcodes or touch ID features to lock your devices. These security measures can help protect your information if your devices are lost or stolen, and they can keep snoops out of your business. Strong password tips from CNET.
Think before you share
Big tech loves your data. This Data Privacy Day, take steps to protect information about you, such as the games you like to play, your contacts list, where you shop and your location. It all has value to Facebook. Treat your info just like money. Be thoughtful about who gets that information and how it’s collected through apps. Tips to protect yourself from Facebook.
Be smart about Wi-Fi
Public wireless networks and hotspots are not secure. Anyone can potentially see what you are doing on your mobile device while you are connected. Limit what you do on public Wi-Fi. Avoid logging in to critical accounts like email and banks on these networks. Consider using a virtual private network (VPN) to be more secure on the go. Safe VPN apps according to Tom’s Hardware.
Keep your mobile phone up to date
Your mobile devices need regular updates just like your PC or laptop. This Data Privacy Day, install the most up-to-date security software, web browser, operating system and apps. This is the best way to protect your privacy. Patching all your devices is the best defense against viruses, malware and other online threats.
I could not let 2021 wrap up without the annual look at the OMG WTF are they thinking worst passwords list. I have been covering the sorry-state of passwords since 2010 and unfortunately little has changed. The biggest change has come in the increased number of mega-breaches leaking passwords all over the Intertubes.
Here is NordPass’s 2021 list. NordPass and independent cybersecurity researchers evaluated a database with 4 terabytes’ worth of data. You can visit the NordPass website to see all 200 of the entries from 2021. But here are the top 25 most common passwords:
2021's Worst Passwords
2021's 25 worst passwords compiled by NordPass.
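| Rank | Password | Change from 2020 |
|---|---|---|
| 1 | 123456 | - |
| 2 | 123456789 | - |
| 3 | 12345 | +5 |
| 4 | qwerty | +8 |
| 5 | password | (1) |
| 6 | 12345678 | -+1 |
| 7 | 111111 | (2) |
| 8 | 123123 | (2) |
| 9 | 1234567890 | (1) |
| 10 | 1234567 | +1 |
| 11 | qwerty123 | New |
| 12 | 000000 | +3 |
| 13 | 1q2w3e | New |
| 14 | aa12345678 | New |
| 15 | abc123 | (2) |
| 16 | password1 | +3 |
| 17 | 1234 | (1) |
| 18 | qwertyuiop | +6 |
| 19 | 123321 | +4 |
| 20 | password123 | New |
| 21 | 1q2w3e4r5t | New |
| 22 | iloveyou | (5) |
| 23 | 654321 | +1 |
| 24 | 666666 | New |
| 25 | 987654321 | New |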
Bad password factoids
The top 25 bad passwords can be cracked in less than 1 second by a bot (or person), according to NordPass.
94% of the most frequent passwords can be cracked in less than 10 seconds.
The most secure password “myspace1” ranked #54 on the list. It was used by 1,619,027 users and can be cracked in 3 hours.
The most popular sport on the list is “football.” It ranked #60 and was used by 1,468,381 users.
“Superman” protected 1,180,436 accounts. He ranked 81st but could be cracked in less than 1 second.
The most popular movie on the list was “starwars.” 701,474 users tried to use the Force to protect their accounts. Unfortunately, the Force is not strong with this one; it could be cracked in less than 1 second.
Password risk index
The NordPass researchers also devised a risk index based on the number of passwords leaked in each country per capita. Russia came in first with an astounding 19.9 passwords leaked per capita. Other countries that leaked the most passwords are:
The Czech Republic 6.2,
France 6.0,
Germany 5.8,
U.S. 5.2,
Italy 4.4,
Canada 3.6,
Australia 3.3
and Poland 3.6.
rb-
You can test the strength of your password by visiting this site and typing it in. They claim the site isn’t creating a repository of passwords because your information is never sent over an internet connection. The best part? As you type, the software tells you approximately how long it would take a computer to figure out your password. The site turns red if your password is weak but slowly turns green as you make it stronger. It’ll even give you tips on how to improve your password security.