How to check your password strength: As a list of 2016’s worst passwords is revealed, our guide helps you stay safe online and protect yourself against hacking.
Scarcely a day goes by without some kind of online security brouhaha hitting the headlines. Our digital selves are more vulnerable than ever in 2017, yet we’re often our own worst enemy, not least when it comes to the passwords we use.
A new study by password manager Keeper shows that many of us are still using rudimentary phrases to safeguard our accounts, with nearly 17% of people still relying on the infamous ‘123456’ – equivalent to using Swiss cheese as a condom.
A handful of seemingly more complex letter/number combos appear on the list, but Keeper notes that these too are vulnerable, as they’re based on predictable keystroke patterns.
Before we get on to how you can check your password’s strength, let’s take a look at the 2016 Hall of Shame.
Related: Best password manager
Most common passwords 2016
According to Keeper’s report, which is based on the more than 10 million codewords revealed by data breaches in 2016, the world’s most common/popular/dumbest passwords are:
Are you on the list? Then you’ll want to change your password to something more robust right now, which brings us to…
Related: MWC 2017
How to check your password strength
Devising a secure password isn’t as easy as it sounds, but fortunately, there are a number of decent password strength checking tools available for free online.
While neither checker is bulletproof – both sites state that they are purely for educational purposes – they do give you a rough idea of how tough your password is to hack.
Of the two, Secure Password Checker is definitely the more paranoid. I entered the same phrase into both tools, with Kaspersky’s informing me that a bruteforce attack on my computer would crack my password in just 15 seconds – HSIMP had the figure at four days.
The discrepancy underlines that password strength checkers aren’t 100% reliable, but they are a starting point if you’re looking to get serious about your online security.
How to check if your password has been hacked
If you’re reading this and your bum is squeakier than when your team cocedes an injury time free kick on the edge of the box, it might be time to check if you’ve already been the victim of a data breach.
Sign up for the newsletter
Get news, competitions and special offers direct to your inbox
Here, Have I been pwned? (HIBP) is your friend – just enter your email into the search box and it will tell you if any accounts linked to the address have been subject to a breach.
Other options to check if you’ve been hacked include Breach Alarm and Has my email been hacked?, although they’re not quite as comprehensive or up-to-date, based on my investigations; inputting an email I knew had been compromised, all three sites flagged the 2013 Adobe hack, but only HIBP highlighted a smaller 2016 breach of another website.
For more tips on how to improve your online security, check out Get Safe Online, a UK site that’s sort of like the Citizen’s Advice Bureau for digital denizens.
Related: Best free antivirus software
WATCH: Death by Driverless – who’s to blame when robot cars kill?
What’s your take on password security? Share all your thoughts, tips, tricks, and favourite tools in the comments below.