Looking at the list of 2016’s most common passwords, I can’t stop shaking my head. Nearly 17 percent of users are safeguarding their accounts with “123456.” What really perplexes me is that so many website operators are not enforcing password security best practices.
My firm, Keeper Security, scoured 10 million passwords that became public through data breaches that happened in 2016. A few things jumped out at us:
- The list of most-frequently used passwords has changed little over the past few years. That means user education has limits. While it’s important for users to be aware of risks, a sizable minority are never going to take the time or effort to protect themselves. IT administrators and website operators must do the job for them.
- Four of the top 10 passwords on the list – and seven of the top 15 – are six characters or shorter. This is stunning in light of the fact that today’s brute-force cracking software and hardware can unscramble…