In my discussion of online privacy on March 10th’s Philosophy in Action Radio, I talked about how people need to take active measures to protect their privacy online, just as they do in real life. Also, just as in real life, criminals should be of concern. Hence, good passwords should be of concern.
I’ve long known that many people use insecure passwords — such as ordinary words, reusing the same password across many sites, or using an easy-to-guess pattern. However, I didn’t realize just how careless many people are until I read this article: PIN Analysis. Basically, the author analyzed the data from various databases of exposed four-digit passwords — 3.4 million PINs in total. Here are a few of his findings:
The most popular password is 1234 … it’s staggering how popular this password appears to be. Utterly staggering at the lack of imagination … nearly 11% of the 3.4 million passwords are 1234 !!!
The next most popular 4-digit PIN in use is 1111 with over 6% of passwords being this.
In third place is 0000 with almost 2%.
A staggering 26.83% of all passwords [are the table of top 20 passwords listed in the article]! (Statistically, with 10,000 possible combination, if passwords were uniformly randomly distributed, we would expect these twenty passwords to account for just 0.2% of the total, not the 26.83% encountered)
For more fun facts, check out the article: PIN Analysis. If you’re now thinking that perhaps you should have more secure passwords… good! I’d recommend using a password program such as LastPass or 1Password. If you’re already using nothing but super-secure passwords, even better!
I’ve used 1Password to generate random passwords for me, store them securely, and access them on my phone and in my web browser for many years now, and I’d hate to go back to my old (and far less secure) methods!
Note: This commentary was originally published in Philosophy in Action’s Newsletter before the broadcast. Subscribe today!