Since the big break-in at LinkedIn last week, the company has been scrambling to protect its users. The problem is that the users aren’t necessarily in a rush to protect themselves. Security firm Rapid7 analyzed the list of passwords that were put online when a hacker decided to hang out the dirty laundry of 6.5 million LinkedIn users all at once. What they found was astonishing.
The most commonly used word in the password list was “link.” The second most common phrase in the passwords was “1234.” Since LinkedIn requires seven-letter passwords, many people used “12345.”
The other words rounding out the top of the list were “work,” “god,” “job,” “angel,” “the,” “ilove,” and “sex.”
“We are seeing a trend of Internet users trying to use simplistic passphrases on Internet sites,” said Marcus Carey, a security researcher at Rapid7. “They are (being hacked) because of the simple fact that many are using words that have been long considered bad passwords. Password-cracking algorithms include these bad passwords as a part of their recipe.”
Since the passwords were stolen directly from company files, no LinkedIn password would have been safe. But the company also recommends that you avoid words in the dictionary and use unusual characters. Names on your Facebook page, like your dog’s name or your best friend’s baby’s name, shouldn’t be used either, since hackers can sometimes tie that information together.
A great trick for a password is to think of a sentence you can remember and then use every first letter in the sentence. So, for example, you can use “I like chili and hamburgers,” which would be ILCAH.
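For anyone running a signup form, the word list above can be turned into a screening check. The sketch below is an added example, not code from Rapid7 or LinkedIn; the function names, the character-substitution map and the default minimum length of seven are assumptions made for illustration.

```python
# Added example: screen a candidate password against the weak tokens
# named in the article. Function names and the substitution map are
# hypothetical choices, not taken from any real product.

# Tokens the article reports as most common in the leaked list.
COMMON_TOKENS = ("link", "1234", "work", "god", "job",
                 "angel", "the", "ilove", "sex")

# Assumed map of look-alike characters, so "L1nk3d!n" is still
# recognised as containing "link".
LOOKALIKES = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                            "5": "s", "7": "t", "@": "a", "$": "s",
                            "!": "i"})


def common_tokens_in(password):
    """Return the listed tokens found in the password, in list order."""
    lowered = password.lower()
    # Check both forms: the raw one catches digit tokens such as "1234",
    # the normalised one catches words hidden behind substitutions.
    normalised = lowered.translate(LOOKALIKES)
    return [t for t in COMMON_TOKENS if t in lowered or t in normalised]


def screen(password, min_length=7):
    """Return a list of rejection reasons; an empty list means accepted."""
    reasons = []
    if len(password) < min_length:
        reasons.append("shorter than %d characters" % min_length)
    for token in common_tokens_in(password):
        reasons.append("contains common token '%s'" % token)
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs, not values from the leaked list.
    for candidate in ("linkedin12345", "L1nk3d!n", "ILCAH", "Mdb2tM&cgh9"):
        print(candidate, "->", screen(candidate) or "accepted")
```

Note that the five-letter acronym from the chili sentence passes the word check but fails the length check, so a longer sentence is needed in practice.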