Every year we hear about security breaches at major sites; most recently Living Social, Yahoo and LinkedIn all reported that they’d been hacked. There has been a 22% increase in the number of security breaches at smaller companies and a 5% increase in the case of bigger companies as compared to last year. So how do you protect yourself? It’s all in the password.

When it comes to creating passwords online, many of us stick with easy, memorable ones, thinking they are personal enough that a hacker couldn’t possibly guess them. Well, guess again.

Data shows that when hackers break into password databases, they use common, frequently used passwords, which gives them access to about 50-60% of all users. Here’s a list of the 25 most frequently used passwords to avoid, which has been compiled from files containing millions of stolen passwords posted online by hackers.

[Image: 25 worst user passwords]

We spoke with Rachel Engel, a seasoned software engineer and Principal Security Engineer at iSEC Partners, a computer security consulting firm, to give us some tips on how to create secure passwords. “If people keep these three things in mind, there will be a lot fewer account compromises,” she shared.

  • Your passwords really do have to be long and random. People pick passwords that they don’t think their friends can guess. You’re actually trying to pick a password that a computer can’t guess, and computers are very fast and very persistent at making guesses.
  • Use a password manager program like KeePass or LastPass. They generate strong passwords for you, and store them safely so that you don’t have to remember them.
  • Keep a separate password per website. If you have an account on a site that has its password database compromised, your other accounts remain secure.
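To put numbers on "long and random" and "a separate password per website", here is an added Python example (not from the original article or from any password manager named above). It generates one independent random password per site and estimates how long exhausting the search space would take. The guess rate of 1e10 per second, the site names and the sample deny list are assumptions made up for illustration.

```python
import math
import secrets
import string

# Alphabet the generator draws from: 94 printable ASCII symbols.
ALPHABET = string.ascii_letters + string.digits + string.punctuation

# Constructed sample deny list for illustration; not the article's top-25 list.
SAMPLE_DENYLIST = {"password", "123456", "qwerty", "letmein"}


def generate_password(length=20):
    """Return a password drawn uniformly at random from the OS CSPRNG."""
    if length < 12:
        raise ValueError("use at least 12 characters")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Entropy of a uniformly random password: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(bits, guesses_per_second=1e10):
    """Years needed to try every candidate; the default rate is an assumption."""
    return 2 ** bits / guesses_per_second / (365 * 24 * 3600)


def is_acceptable(candidate, denylist=SAMPLE_DENYLIST, min_length=12):
    """Reject short passwords and anything on the common-password deny list."""
    return len(candidate) >= min_length and candidate.lower() not in denylist


def passwords_per_site(sites, length=20):
    """One independent password per site, so one breach exposes one account."""
    return {site: generate_password(length) for site in sites}


if __name__ == "__main__":
    vault = passwords_per_site(["mail.example", "shop.example", "bank.example"])
    for site, pw in vault.items():
        print(f"{site}: {pw}  ({entropy_bits(len(pw)):.0f} bits)")
    # An 8-character lowercase password compared with a 20-character random one.
    print(f"8 lowercase chars: {years_to_exhaust(entropy_bits(8, 26)):.6f} years")
    print(f"20 random chars:   {years_to_exhaust(entropy_bits(20)):.2e} years")
```

At the assumed rate, every 8-character lowercase password is tried in well under a minute, while the 20-character random one is far out of reach.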

For more information on creating strong passwords, also check out the Microsoft Safety & Security Center.