Abaker | December 05, 2013

Red-Haired Women Pick the Best Passwords, Bearded Men the Worst

We are sharing this article and its interesting password factoids with you as a reminder that passwords are still a fundamental area of risk that deserves specific emphasis in your employee security education program.

By Per Liljas
Techland

Besides shedding light on our overwhelming sloppiness, data from recent security breaches at websites like Adobe and LinkedIn reveal some quirky patterns in how we choose our online passwords.

For instance, studies suggest that red-haired women usually choose the best passwords, whereas bearded men with unkempt locks pick the worst, reports the BBC. Men go for diversity, women for length, and blue is the most common color — not only because it’s the color of the sky and the sea, but also because it’s the color of Facebook, Twitter and Google.

Since targeted attacks are likely to comb through social media accounts, names of pets, streets and children should naturally be avoided at all times. However, we’re no less predictable when it comes to numbers: out of 10,000 possible combinations for a four-digit PIN, analysis suggests that 80% of our choices come from just a hundred different numbers.

In other words, there goes my blue1234Fido key-for-all…

You can read the original article here.

 

Here are some additional tips for using passwords safely:

  • Create a separate, unique, strong password for each activity where you provide sensitive information (e.g. when purchasing online, doing online banking, registering for classes, or using email in the cloud). If you use the same password across all of these activities and a cyber criminal steals it, they will have access to all of your accounts.
  • A strong password should not be easy to guess and therefore shouldn’t include your or your family’s address, birthday, anniversary, etc. It must be at least eight characters long and include capital letters, symbols and numbers.
  • Use two-factor authentication where possible. Facebook calls it Login Approvals, Google calls it 2-step verification, and Yahoo! calls it Second Sign-In Verification.
  • Don’t share your password. If you get an unusual email from someone you know asking for a password, call them and talk to them to verify.

 

 
