Washington State

Office of the Attorney General

Attorney General

Bob Ferguson

PumpkinJust in time for Halloween, here’s some scary news about people leaving themselves wide open to having their identities stolen, bank accounts breached and personal information posted for the whole world to see. FoxNews.com reports on the 25 worst passwords on the web:

Despite the obvious insecurity in using the word "password" as your password, it’s the most popular (and least secure) password used on the Internet, according to a new list published by SplashData.

The Internet security firm’s annual list of scary logins comes just in time for Halloween -- with a warning. Anyone caught using these lame passwords is most likely already or soon to be the victim of a security breach.  

"At this time of year, people enjoy focusing on scary costumes, movies and decorations, but those who have been through it can tell you how terrifying it is to have your identity stolen because of a hacked password,” said Morgan Slain, SplashData CEO.

Rounding up the top five are the popular numeric choices “123456” and “12345678.” For some reason, “1234567” is dropping in popularity – it’s down six positions since last year. My personal favorite, however, is the east-to-remember, yet ill-advised, “letmein.”  But here’s a puzzle: why is the password “monkey” so popular?

password imageIn all seriousness, if you are guilty of using any of these easy-to-crack passwords, keep in mind that, as the New York Daily News reported earlier this month, one quarter of Americans have been told their personal information, such as a password or credit card number, may have been exposed in a data breach. That means they are at risk of having thieves use their information to obtain credit cards in their names, steal their medical histories and misuse their images.

Canceling credit cards and bank accounts, contacting credit agencies and dealing with police reports are among the many hassles that come with being a victim of identity theft. In fact, when your identity is stolen, it can take anywhere from 30 to 600 hours to repair the damage. Does that easy-to-remember password still sound like a time-saver?

If you are ready to change your ways, Splashdata.com has this advice:

Use passwords of eight characters or more with mixed types of characters. One way to create longer, more secure passwords that are easy to remember is to use short words with spaces or other characters separating them. For example, “eat cake at 8!” or “car_park_city?”

Avoid using the same username/password combination for multiple websites.  Especially risky is using the same password for entertainment sites that you use for online email, social networking, and financial services. Use different passwords for each new website or service you sign up for.

Having trouble remembering all those different passwords? Try using a password manager application that organizes and protects passwords and can automatically log you into websites.

Interested in learning more about ID theft and how to protect yourself? We know of a great website where you’ll find more information.

-Dan Sytman-


Recent Posts

Blogroll & Consumer News

Product Recalls