Advice Investments Wealth management
Search

When you sign up to an online service and it comes to the dreaded ‘Please create a new password’ message, it is all too easy to fall into bad security habits by reusing an old password, or simply changing the number at the end. Committing to creating secure passwords and kicking poor habits into the past is a great way to start when improving your safety online.

How to create safer passwords

There’s a lot of guidance out there on what makes a good password — and it can be incredibly confusing. But it’s actually not difficult to create a password you can remember.

For example, did you know you can create secure passwords using three random words? You just put them together, like 'coffeetrainholiday' or ‘papertabletshirt’. A lot of websites even let you use spaces in your password, which helps with complexity and length (and the way your fingers might want to naturally type!)

You can choose words that are memorable but avoid those which might be easy to guess, such as 'onetwothree' or words that are closely related to you personally, such as the names of family members or pets.

Online services called password managers are also helpful at minimising the number of passwords you need to remember because they create the details you need to access online services (typically a username and password) and store them securely in an online 'vault', which is accessed via a master password. More information on these can be found on the National Cyber Security Centre website.

Why would anyone be interested in me?

This is a common question! Most emails are hacked by automated programmes using computing power that can run through thousands of combinations per second – or simply use a file of stolen credentials from a data breach. So, in most cases it isn’t personal, it’s an automated, wide scale, ‘have a go’ attack – meaning anyone could be at risk.

Why are emails hacked? 

In the modern world, your email account is often the door to your world, life, everything…!

Once an attacker has access to your email account it is possible to gain access to every other account. How? Simple: from the email account, it is possible to see what other accounts you have and from there it is possible to request a password reset. So, from access to your email, an attacker can gain access to ALL your accounts.

Your challenge

Now you understand why and how secure passwords are important, it’s well worthwhile setting aside half an hour to go through your accounts and strengthen your passwords – particularly on those accounts which have had the same password for years, or are protected by a simple ‘one word’ password as these are much more likely to be hacked by attackers. Just be sure to avoid the most common passwords listed below. Take the time to set this positive new security habit, and it will pay dividends!

Top 50 most used passwords to avoid:

  1. 12345
  2. 123456
  3. 123456789
  4. test1
  5. password
  6. 12345678
  7. zinch
  8. g_czechout
  9. asdf
  10. qwerty
  11. 1234567890
  12. 1234567
  13. Aa123456.
  14. iloveyou
  15. 1234
  16. abc123
  17. 111111
  18. 123123
  19. dubsmash
  20. test
  21. princess
  22. qwertyuiop
  23. sunshine
  24. BvtTest123
  25. 11111
  26. ashley
  27. 00000
  28. 000000
  29. password1
  30. monkey
  31. livetest
  32. 55555
  33. soccer
  34. charlie
  35. asdfghjkl
  36. 654321
  37. family
  38. michael
  39. 123321
  40. football
  41. baseball
  42. q1w2e3r4t5y6
  43. nicole
  44. jessica
  45. purple
  46. shadow
  47. hannah
  48. chocolate
  49. michelle
  50. Daniel

Most common passwords seen on mobile devices to avoid:

  1. 111111
  2. 000000
  3. 123456

From a best practice perspective Quilter users must comply with the following requirements:

  • Minimum password length of 8 characters however it’s recommended that password minimums need to be increased to 15 characters to keep our network and yourself safe.
  • Set a complex password via the use of 3 of the following character classes: i) alphabetical characters; ii) numerical characters; iii) upper and lower case alphabetical characters; iv) special characters or symbols.