Published: 09 April 2014
A few years ago I read a security review on http://www.antionline.com/ regarding the use of the word "password" for accessing accounts. Splashdata.com has recently announced that this year’s worst password is "123456", knocking "password" from the top spot for the first time.
What can website owners do
I’m sure one issue is people who want to buy something without the complex registration process. As a marketing agency we understand the importance of capturing as much information about a user as possible. That said, a guest checkout process on an ecommerce website still captures all that information. It just makes it easy for the user to check out without a password.
You can also make it easier for the end user by implementing federated login on your website. Sagittarius already has integrations for Google, Facebook and Yahoo. This means that your users can use existing accounts, so they don't need to manage yet another password.
What can we do
I imagine you have paperwork in your house regarding your mortgage, passports and bank accounts. Probably details regarding birth dates, national insurance and any investments you may have? Do you leave it in a paper box on your doorstep for every random passer-by to read? I'm guessing probably not!
Passwords are the key to your sensitive data and it’s up to you to ensure it’s protected. Identity theft has been on the rise year on year since 2007. With passwords like "123456" or "password", your account has almost certainly already been accessed, and any data it contains has been downloaded and is being resold on the internet.
I don't believe I’m an unusual internet user; I have something like 40+ accounts on various online shopping, social media and banking websites. Coming up with new passwords, especially secure ones, and remembering them is a massive inconvenience. Luckily there are many tools online which make it easier for us. You can also read up on what makes a secure or a weak password on Wikipedia: http://en.wikipedia.org/wiki/Password_strength
There are a number of great tools for generating secure passwords. Unfortunately, the more secure the password, the more difficult it is to remember. The wikiHow link below shows how to create easy-to-remember passwords.
You can use online password meters to determine if a password you are using is strong enough to withstand attack. Then weed out any which don't meet the grade.
Several online providers have released different types of password cards. These are cards which can be printed out and stored in your wallet or used in a mobile app. The card is unique and nobody has the same card as you. In fact, if you lose the card number you will never be able to regenerate it. You can use the simple number and symbol combinations to generate unique passwords for all your sites.
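To show why the card number matters, here is an added example (not taken from any password card provider) that derives a whole card from one random number and reads a password from a symbol and row position. The grid size, the column symbols, the alphabet and the HMAC-SHA256 derivation are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

ROWS = 8                      # assumed card height
SYMBOLS = "!#$%&*+=?@<>"      # assumed column labels, one symbol per column
# Look-alike characters (l, o, I, O, 0, 1) are left out so the card is easy to read.
ALPHABET = "abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789"


def new_card_number():
    """Random 128-bit card number: the only value needed to rebuild the card."""
    return secrets.token_hex(16)


def _keystream(card_number):
    """Yield unbiased alphabet indexes derived from the card number."""
    limit = 256 - 256 % len(ALPHABET)   # reject bytes that would skew the modulo
    counter = 0
    while True:
        block = hmac.new(card_number.encode(), counter.to_bytes(4, "big"),
                         hashlib.sha256).digest()
        for byte in block:
            if byte < limit:
                yield byte % len(ALPHABET)
        counter += 1


def build_card(card_number):
    """Return the card as ROWS strings, each len(SYMBOLS) characters wide."""
    stream = _keystream(card_number)
    return ["".join(ALPHABET[next(stream)] for _ in SYMBOLS) for _ in range(ROWS)]


def read_password(card, symbol, row, length=12):
    """Start at (symbol column, 1-based row); read left to right, wrapping rows."""
    flat = "".join(card)
    start = (row - 1) * len(SYMBOLS) + SYMBOLS.index(symbol)
    return "".join(flat[(start + i) % len(flat)] for i in range(length))


if __name__ == "__main__":
    number = new_card_number()
    card = build_card(number)
    print("card number:", number)
    print("  " + SYMBOLS)
    for i, line in enumerate(card, 1):
        print(i, line)
    print("password at ($, row 3):", read_password(card, "$", 3))
```

The same card number always rebuilds the same card, and a different number gives an unrelated one, so the number should be stored as carefully as the card itself.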
There are a number of password storage mechanisms on the internet. You can get mobile applications or pen keys from companies like Splashdata which contain all your unique passwords. You can also use programs like KeePass to store them in an encrypted file on your computer.