While people agree that using a username and password for online protection is old-school, most consumer websites still heavily rely on just this. It is staggering to believe that the most common password in use is still as simple as ‘12345’ and many consumers still believe the word “Password” makes a strong, I hate to say it…password.
So, what is the rationale behind people not changing their passwords? And perhaps even more important: why do website owners knowingly choose not to implement rules that at least block the use of those top-20 or top-100 most used passwords?
Much is down to a combination of convenience and "user laziness". It is safe to estimate that implementing rules that enforce the use of complex passwords would permanently chase away between 5% and 10% of customers who simply cannot be bothered to invent and remember anything complicated. No website owner wants to turn away customers.
According to a 2021 Data Breach Investigations Report (2021 DBIR), cybercriminal predominately target confidential data such as credentials and personal information which are often used as the basis for passwords. In retail outlets alone these breaches included consumer payment details (42 percent), personal details (41 percent) and credentials (33 percent). A staggering 95 percent of organizations which suffered a credential stuffing attack, which is an automated injection of stolen username and password pairs (“credentials”) into websites, had between 637 and 3.3 billion malicious login attempts through the year.
A distracted person can (and will) forget a password minutes after creating it. With that said, here are some important password tips to remember to help you create stronger passwords.
Mix capital and lowercase letters, numbers, and special characters
For easier memorization, you could start with a word you’ll remember, then substitute numbers for certain letters, like zero for “O” or the number four for “A.” True, including a real word could weaken your password, but good luck remembering a different random sequence for each website that you use. (That’s how you end up with your password on a post-it note!)
