In 2021 will you be a Cybercrime target of my Grandma?
Matthew Ryan
Managing Director, CEO, Interim Executive, Commercial Leader, General Manager, Risk Mitigator, Operations & Strategy Expert, Board Advisor & Director. TheABJ.com.au Top 10 Project Manager & Innovator 2021, 2022, 2023
Ask yourself these three questions:
1. Do I use three passwords or fewer for my online accounts?
2. Do I add a single random character (an extra number or a letter) to my usual passwords to create additional passwords?
3. Do I use personal data such as a date of birth or names of my close relatives in passwords?
If you answered yes to any of these - then, my friend, my grandma could break into your online accounts and you need to know that YOU are the weakest link in your online security.
But you are not alone! Did you know that 65% of users use the same single password everywhere?
The most common passwords in 2016 were: 123456 or 123456789, qwerty, 12345678 and 111111.
Four years on and not much has changed! In fact, the five passwords above are still in the top 10, as Nordpass reports in its annual list of the most used passwords online!
See for yourself: https://nordpass.com/most-common-passwords-list/
All these passwords are scarily easy to guess and recreate. What is more, they would take my dear old granny less than 20 seconds to crack!
THE TOP 20 MOST COMMON PASSWORDS OF 2020:
- 123456
- 123456789
- picture1
- password
- 12345678
- 111111
- 123123
- 12345
- 1234567890
- senha
- 1234567
- qwerty
- abc123
- Million2
- 000000
- 1234
- iloveyou
- aaron431
- password1
- qqww1122
Did your password make the list of shame? If so, it may be time to do some serious updating, or risk kissing your internet security goodbye.
10,000 of the most common passwords can access 98% of all online accounts! Let me spell that out to you… NINETY-EIGHT PERCENT. Do not let yours be one of them.
Hackers have been collecting and publishing compromised credentials in the ‘dark web’ (a sub-internet) for years. Ever had a LinkedIn account? Or shopped at Target? eBay? Apple? Been on a Government website?
If you have an online presence at all, believe me, your credentials are out there somewhere. Google your own name: it is scary what you may find!
So, let us get back to my grandma for a moment. If she is devious and wants to break into your Gmail, Facebook, Online Banking or PayPal account, her first port of call would be to simply look you up in one of those shared databases holding billions of personal credentials.
Once she has found you, and if you are still using the same password or simple variant – then game over! My grandmother has you and she has your banking and all other details!
It is a shame, but the reality is that a LOT of businesses have been breached or have accidentally published customer credentials. To name just a few from the last few years: Yahoo, Facebook, Gmail, 7-Eleven, eBay, Adobe, Sony, Target, Apple, the NHS in England, even our own state and federal governments (on more than 5 occasions in the last year!).
Do you have personal information sitting with them?
Many data breaches are not known or publicised and your credentials will be exposed without you being aware.
If dear old granny is unlucky searching the dark web for your credentials, then she can do a patience exercise: start trying each of the 10,000 most common passwords. Remember those 10,000 passwords access 98% of all online accounts! Of course, the more sophisticated grandmas out there (not mine – but she is getting better) would automate this process – AKA Hacking whilst they are sleeping!
We need to accept that organisations with our data and credentials will continue to do dumb things, like getting hacked!
In this brave new world, what can you do to protect your other online accounts?
Firstly – never share your credentials and only enter them using secure devices and internet connections you trust.
Secondly – enable multi-factor authentication wherever possible, e.g., a password and then a second password sent to your phone via SMS.
Always choose security over convenience in those accounts that are most important.
Thirdly – use good and different passwords in each of your hundreds of online accounts.
A good password looks like this:
“E7Qf21yb$*a8WY&l!%*b*qPHYckMI3Xnq@EM5@Zo7Yg50MD%s95wc*5T&ED%7Ay31^3ujGLK@yE9ok#QSaMxWw!$KP5oHNXj3#o”
How can a normal human being memorise one of these passwords let alone hundreds of different passwords for our growing number of online accounts?
Let us look at how long it takes for a hacker to crack a password using specialised tools.
The caveat on the above is that these are simple lower-case alphabetic passwords. Add in some complexity and this changes dramatically.
Add in a distinctive character and a mix of Alpha and Numeric characters and security increases again!
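The three questions at the top of this article, and the point that length and character mix enlarge the search space, can be checked against your own passwords offline. The following is an added example, not part of the original article: the function names, the sample passwords and the personal terms are constructed for illustration, and the bit estimate is an upper bound that only holds for randomly generated passwords.

```python
import math
import string

# Top-20 list of 2020 as quoted in this article.
COMMON = {"123456", "123456789", "picture1", "password", "12345678", "111111",
          "123123", "12345", "1234567890", "senha", "1234567", "qwerty",
          "abc123", "Million2", "000000", "1234", "iloveyou", "aaron431",
          "password1", "qqww1122"}

def one_char_variant(a, b):
    """True if b is a with exactly one character inserted anywhere (question 2)."""
    if len(b) != len(a) + 1:
        return False
    return any(b[:i] + b[i + 1:] == a for i in range(len(b)))

def keyspace_bits(pw):
    """Upper bound on the brute-force search space in bits, from the classes used."""
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation]
    size = sum(len(c) for c in classes if any(ch in c for ch in pw))
    return len(pw) * math.log2(size) if size else 0.0

def audit(passwords, personal_terms):
    """Return sorted (password, finding) pairs for the article's three questions."""
    findings = []
    distinct = set(passwords)
    common = {c.lower() for c in COMMON}
    if len(distinct) <= 3:                       # question 1: heavy reuse
        findings.append(("*", "three or fewer distinct passwords in use"))
    for pw in distinct:
        if pw.lower() in common:
            findings.append((pw, "on the common-password list"))
        for other in distinct:                   # question 2: one-char variants
            if one_char_variant(other, pw):
                findings.append((pw, f"one character added to {other!r}"))
        for term in personal_terms:              # question 3: personal data
            if term.lower() in pw.lower():
                findings.append((pw, f"contains personal data {term!r}"))
    return sorted(findings)

if __name__ == "__main__":
    # Constructed sample: hypothetical passwords and personal details.
    sample = ["Rover1985", "Rover1985!", "qwerty", "t7#Kp2vLq9$Zx4mW"]
    for pw, why in audit(sample, ["rover", "1985"]):
        print(f"{pw}: {why}")
    for pw in sample:
        print(f"{pw}: ~{keyspace_bits(pw):.0f} bits if it were random")
```

Run it only on a device you trust, and never paste real passwords into a website to test them.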
What else can we do Matt? Why can’t I just remember one password and never need to remember another?
One answer is to use a ‘password manager’ that will generate and store these random passwords for you. Reputable services include 1Password and LastPass, to name just two of the myriad password management products in the marketplace. You might even find your AV and firewall software subscriptions have these built in. Better still, many of these services sync between your devices, so you only need to remember one password across your laptop, smartphone, tablet, etc.
Can these password management services sustain a breach as well? It is possible but not likely and not by my crafty grandmother!
In any case this type of data is not likely to be readable due to strong end-to-end encryption (a subject for another article).
Still not sure? Well, another choice is to write them down in a book (yes, that paper stuff we are all trying to get rid of in our offices) and store it in a secure location that only you know about. But then you are constantly having to refer to it and find it, and you run the risk of losing it!
I did say it is a choice but not necessarily a desirable choice!
Although no one is 100% safe in our evolving cybersecurity world, by following these simple security practices you can make your online accounts infinitely more secure than the average person. Not being an easy target for my grandmother goes a long way!
If you would like to know more or test your passwords to see how long they could take to be cracked, please visit https://www.betterbuys.com/estimating-password-cracking-times/
And remember my evil Granny is watching!
A big thanks to Nordpass VPN and Betterbuys for use of their images!
I help established businesses 10X their Sales Conversions by implementing our tried & tested sales ops systems
3 years ago: Your granny is someone I don't want to mess with Matthew Ryan. Thank you for the precious information on this article. Cybersecurity is of utmost importance especially at these times
Founder of CHIIVE the Directory of Support services for Seniors
3 years ago: Thank you for that. I have realised I need to change one of my passwords but the rest pass the test.
Fmr. Fortune 500 CIO | Christian Author of FACING THE MIND TRAP | Seen in The Christian Post. Oprah’s Angel Network. Beliefnet. Patheos Columnist | teresadevine.com
3 years ago: "you need to know that YOU are the weakest link in your online security." Aside from the brilliant headline and fabulous image here Matthew, your quote is spot on!! It's the harsh truth and I am so grateful to you for sharing this with others.
Transformational Coach | Personal Brand & LinkedIn Expert | Business Growth Strategist | Empowering trailblazers, thought leaders, consultants and entrepreneurs to step into their purpose, passion and flow.
3 years ago: Thank you for sharing this information! Gosh, "four years on and not much has changed." People should really make a habit of updating their passwords more often and never use a general password or personal information!
Strategic advisor to medical professionals | Author – Double Your Profits & Halve Your Working Hours | Not your average accountant | Creates financial freedom | Work/life balance specialist | Lover of fast cars
3 years ago: Amazing how these obvious passwords are still used. You would think we would have learnt by now. I used Lastpass which is fantastic. And tell Granny to be careful. You don't want her to get caught and sent to jail!