Why you should change your passwords right NOW!

Posted written by Paul Seal on July 18, 2016 Tips

If you answer yes to any of the following questions, you should change your passwords on your online accounts right now!

  1. Do you use the same email address and password on different online accounts?
  2. Do you use simple short passwords? (Check out the top 25 lower down)
  3. Do you use the same password but increment the number each time you need to change it?
  4. Have you had the same password for a long time?

What's the problem?

If you did answer yes to any of the above questions, you are putting your personal data and possibly financial data at risk.

There is a chance your email addresses and passwords have already been compromised in one of the many hacks that have happened.

Some of the high profile data breaches are:

  • MySpace: 359,420,698 accounts
  • LinkedIn: 164,611,595 accounts
  • Adobe: 152,445,165 accounts

The email addresses and passwords are usually put up for sale in the dark corners of the internet.

You can check if you your account details have been compromised in a data breach by using the site https://haveibeenpwned.com/You just enter your email address and it will tell you if your email address was included in any of the breached data.

Here is a list of the top 25 worst passwords from 2015 according to SplashData

  1. 123456 (Unchanged)
  2. password (Unchanged)
  3. 12345678 (Up 1)
  4. qwerty (Up 1)
  5. 12345 (Down 2)
  6. 123456789 (Unchanged)
  7. football (Up 3)
  8. 1234 (Down 1)
  9. 1234567 (Up 2)
  10. baseball (Down 2)
  11. welcome (New)
  12. 1234567890 (New)
  13. abc123 (Up 1)
  14. 111111 (Up 1)
  15. 1qaz2wsx (New)
  16. dragon (Down 7)
  17. master (Up 2)
  18. monkey (Down 6)
  19. letmein (Down 6)
  20. login (New)
  21. princess (New)
  22. qwertyuiop (New)
  23. solo (New)
  24. passw0rd (New)
  25. starwars (New)

If your password is any of the above, you should definitely change it. Some hackers blast through a list of email addresses or usernames, testing them against the most common passwords. 

What should you do now?

My advice is to change all of your passwords to secure ones, and make sure they are different for each site.

Ideally, you should use a long password (16 characters or more) with combinations of uppercase, lowercase, numbers and special characters. Short and simple passwords are very easy to hack.

Choosing a new password can be tedious and tricky when trying to come up with a password which passes the different rules that different sites use, so I created a free tool which lets you choose which types of characters you need to include in your new password and then it generates one for you. Password Generator

To manage all of these passwords, you can use a service like LastPass which stores all of your passwords in a secure vault and it uses a high level of encryption. There are even some password manager services that change your password for you periodically with these other sites, so you don't even know what your password is.

I've started to just use the forgotten password functionality on most sites these days, so I can set a new password, use it at the time, forget about it and when I need to login again another day, just use the forgotten password process again.

Look after your friends and family's security online, make sure they are aware of this and get them to secure their accounts.