Adarsh takes a look at the patterns Indians seem to be following when it comes to saving passwords…
A basic Google search on what a strong password is like throws up a set of suggestions: “A combination of uppercase letters, lowercase letters, numbers, and symbols. Not a word that can be found in a dictionary or the name of a person, character, product, or organisation. Significantly different from your previous passwords. Easy for you to remember but difficult for others to guess.”
That last bit is the most important even if you choose to ignore the casing and the existence of the said word in the dictionary. It should be ‘difficult for others to guess’.
So how much of a surprise is it to you that ‘password’ was the most commonly used password in our country last year, having been listed over 34 lakh times to protect an email, an app or a subscription.
Well, it’s not the only bizarre/weak password we seem to be using. Let’s look at the top 10 in India according to the data collected by NordPass, Nord Security’s password manager app.
The Top Ten Passwords
As absurd as it sounds, you can understand why people might use the word ‘password’ as your password. It might be an extremely weak option but it’s an easy one to remember. Which is why 4 variations of a sequential set of numbers starting with 123 also made it to top 10.
The NordPass article states: “Research shows that people still use weak passwords to protect their accounts. While the worst passwords might change every year, human beings are creatures of habit. Every year, researchers notice the same patterns – sports teams, movie characters, and food items dominate every password list.”
The report was compiled in partnership with independent researchers specialising in research of cybersecurity incidents and the research was conducted in 30 countries.
According to the research, 73% of the 200 most common passwords from last year remain the same. What makes this particular statistic scarier is that 83% of the passwords can be cracked in less than a second.
A complete surprise package is ‘bigbasket’ which is 4th in the top saved passwords in India. While it seems to be common, it apparently takes 5 minutes to crack which is a lot better than the others on the list.
With almost 17 minutes required to crack it, another surprise contender – ‘anmol123’ – emerged in eighth spot being used over 10,000 times. The tenth spot was taken by ‘googledummy’ which will take a whopping 23 minutes for any hacker to crack it.
Other interesting words in the top 50 are ‘jaimatadi’ and ‘omsairam’. ‘Sachin’, ‘Kapil’, ‘India’ and ‘qwerty’ are also words that feature a lot among the top passwords in India.
Steps to Create a Strong Password
Creating a strong password is not rocket science. There are simple steps you can follow to ensure it’s something unique and uncrackable. Here are some pointers:
1. Don’t use sequential numbers.
2. Don’t use the birth month, year or day. Yours or anyone else’s.
3. It should ideally be a combination of at least eight letters, numbers and symbols. Mix lower as well as uppercase.
4. Combine different unrelated words in your password or passphrase. The more random, the better.
5. Don’t use names or words found in the dictionary.
6. Use different passwords across apps and websites. If you have trouble remembering them, use a password manager tool. Don’t save it as a doc on your laptop.
7. Don’t reuse passwords. Ensure that they’re always unique.
8. Don’t share your passwords with friends, family or even your IT team.
9. Wherever possible, use two-factor authentication.
10. Avoid names of family members or pets and nicknames. Same applies for any word related to a hobby, interest or a job.
Many websites, applications, and tools now allow you to log in using your Facebook, Twitter, Instagram or other social media account. This makes it very convenient because you do not need to create a new username and password.
However, using this feature makes you vulnerable to social network data breaches. Once cyber criminals have your Facebook account credentials, they can access any other websites, applications, or tools that you have logged into with Facebook.
This is yet another reason why you should have unique passwords for each app or website and ensure they are not interrelated in any way.
The Last Word
With the latest developments in technology and with improvements in artificial intelligence, no password is guaranteed to be unbreakable. What we can do however is take all necessary precautions and at least not make it easy for cyber criminals.
If you have any suggestions on how to create uncrackable passwords, let us know in the comments section.