Enter your password

5 reasons people use embarrassingly simple passwords

Big news!The world’s most popular password is no longer “password”!

It’s the much more complicated “123456”!

What’s shocking about lists of passwords that come out annually or whenever there is a big data heist is how much they don’t change. Most people, it seems, use the same terrible passwords over and over again no matter how many times we try to scare them out of it.

Why does this happen? Here are some simple reasons.


1. You have so many accounts that need passwords.

your password is incorrect dr heckle funny wtf anchorman memes

In 2011, the average internet user had to remember 10 passwords a day. And that was 3 years ago. We’ve all created hundreds of online accounts. For most of these, people seem to use the same passwords over and over, which isn’t a big deal unless…

2. You don’t differentiate between important and unimportant accounts.
tumblr_md32t7GY2F1qery84

Certain accounts require far more secure passwords than others. Not only should all of your most important accounts — online banking, email, credit cards — each have their own unique password, you should make sure that you never use your work passwords for your personal accounts. Imagine the nightmare of realizing your personal hack put your work security in danger. For that reason you shouldn’t use your work email as a contact for non-work accounts either.


3. Good passwords are hard to remember.
You can’t use any word from the dictionary, any term on your social media profiles, it much include a character, a symbol, the square root of Pi divided by nine…

XKCD delved into the intricacies and absurdities of password creation best:

password_strength


4. You’ve gotten away with it for this long.
The biggest reason that we don’t change is that we don’t have to. Even when people get their email hacked, they often just change that password and go on as nothing happened because the consequences aren’t bad enough yet.


5. You don’t use a password manager.
Creating and remembering strong, unique passwords is hard. Password managers make it easy. That’s why F-Secure Labs suggests that you start using one now. And, of course, we recommend that you use ours: F-Secure Key.

[Image via marc falardeau via Flickr.com.]

More posts from this topic

Juhannus

How To Prepare Yourself and Your Phone For Juhannus

In Finland, there is this thing called juhannus. A few years ago, our former colleague Hetta described it like this: Well, Midsummer – or juhannus – as it is called in Finnish, is one of the most important public holidays in our calendar. It is celebrated, as you probably guessed, close to the dates of the Summer Solstice, when day is at its longest in the northern hemisphere. Finland being so far up north, the sun doesn’t set on juhannus at all. Considering that in the winter we get the never ending night, it’s no surprise we celebrate the sun not setting. So what do Finns do to celebrate juhannus? I already told you we flock to our summer cottages, but what then? We decorate the cottage with birch branches to celebrate the summer, we stock up on new potatoes which are just now in season and strawberries as well. We fire up the barbecue and eat grilled sausages to our hearts content. We burn bonfires that rival with the unsetting sun. And we get drunk. If that isn't vivid enough, this video may help: [protected-iframe id="f18649f0b62adf8eb1ec638fa5066050-10874323-9129869" info="https://www.facebook.com/plugins/video.php?href=https%3A%2F%2Fwww.facebook.com%2Fsuomifinland100%2Fvideos%2F1278272918868972%2F&show_text=0&width=560" width="560" height="315" frameborder="0" style="border: none; overflow: hidden;" scrolling="no"] And because the celebration is just so... celebratory, it's easy to lose your phone. So here are a few ways to prepare yourself for a party that lasts all night. 1. Don't use 5683 as your passcode. That spells love and it's also one of the first passcodes anyone trying to crack into your phone will try. So use something much more creative -- and use a 6-digit code if you can on your iPhone. You can also encrypt your Android. 2. Write down your IMEI number. If you lose your phone, you're going to need this so make sure you have it written down somewhere safe. 3. Back your content up. This makes your life a lot easier if your party goes too well and it's pretty simple on any iOS device. Just make sure you're using a strong, unique password for your iCloud account. Unfortunately on an Android phone, you'll have to use a third-party app. 4. Maybe just leave it home. Enjoy being with your friends and assume that they'll get the pictures you need to refresh your memory. And while you're out you can give your phone a quick internal "clean" with our free Boost app. [Image by Janne Hellsten | Flickr]

June 22, 2016
instagram bug hunter, mikko and jani, young hacker

10-Year-Old Who Took Home $10,000 Instagram Bug Bounty Visits F-Secure Labs

Mikko Hyppönen -- our Chief Research Officer and probably the most famous code warrior ever to come out of Finland -- likes to point out that he was born the same year as the internet. Jani -- the ten-year-old from Helsinki who made international news by earning Instagram's top bug bounty prize for uncovering a security flaw in the photo-sharing site -- was born a couple a years after Facebook was invented in 2004 and just four years before Instagram went online in 2010. And he's already made some history. Jani discovered a flaw in the site that would have allowed him -- or anyone -- to delete content from any user from the site, even stars with tens of millions of followers including Taylor Swift, Selena Gomez and Beyonce. Like any good white-hat hacker he didn't take advantage of the vulnerability. Instead, he reported the bug to Facebook, which now owns the app, directly. His maturity paid off. Even though he is not technically old enough to use the site according Instagram's terms and conditions, he's become the youngest person ever to win a $10,000 bug bounty, which he's used to purchase a soccer ball, a bike and other essential gear for being ten. To celebrate his feat, F-Secure Labs invited Jani to visit our headquarters for a hamburger and a tour. The visit gave our experts a chance to share their stories about how they were drawn to cybersecurity. Mikko learned to love computers from his mother who was in the industry. Päivi was guided into the field by her father and discovered that she has a passion for rooting out spam.  When Tomi was a kid striving to learn the rules of the coin games his friends played so he could hack them and win, he recognized that he didn't see the world like everyone else. Jani has already discovered the same thing. Though he finds plenty of time for school and playing with his friends, he spends 2-3 hours during his off days hunting for vulnerabilities and looking out for new bug bounty programs -- like our own -- that allow him to test his skills. How did he find the vulnerability in Instagram? First he created two accounts. He posted a comment using one account and then just using the publicly available content id number he was able to delete the comment using the other. Immediately he recognized the potential for such a flaw to be exploited. Mikko and Tomi were impressed by how Jani used Linux and Burp Suite --  a tool that pros like the analysts in our Labs use to analyze network traffic -- to help identify the bug. While he used to be interested in a career in video games, Jani says he's now thinking about becoming a cybersecurity specialist. Mikko and Tomi advised him to finish school and stay on the right side of the law. They also invited him to spend a week or two working at the Labs to see how he likes the job, when he's old enough. He's planning on taking them up on the offer, saying that F-Secure looks like a "fun and cool" place to work. Nice. We're always looking for new talent and even Mikko may retire one day.  

June 22, 2016
BY