It’s a new year, and time for some resolutions. If you’re struggling with what changes to make, I think this is a good time to suggest using strong passwords and a password manager. I blog about this every new year, and people continue to use weak and just plain bad passwords. With more and more news reports about hacks, bad security and new breaches every day, you need to protect yourself.

Every year, SplashData puts out a list of the top 100 worst passwords. Let’s have a quick look at the top 10 worst passwords used last year:

  1. 123456
  2. password
  3. 123456789
  4. 12345678
  5. 12345
  6. 111111
  7. 1234567
  8. sunshine
  9. qwerty
  10. iloveyou

Those are really bad. According to SplashData, the more than five million leaked passwords evaluated for the 2018 list were mostly held by users in North America and Western Europe. Passwords leaked from hacks of adult websites were not included in this report.

So what can you do?

Use Stronger Passwords

The best passwords use a combination of letters (both cases), numbers and special characters. I’d recommend using a tool to generate strong passwords. I use RandomKeyGen.com to generate passwords for sites I use as well as when I create user accounts. That site will generate all sorts of passwords and keys for you, ranging from shorter passwords that are strong and memorable all the way to crazy “Fort Knox” passwords, like this:

EI4NH|a!j'E?%gg-

That is a nice, strong password. Yes, it’s long, and hard to remember, but do you want an easy password that’s trivial for some bot network to crack? No, didn’t think so. Wolfram Alpha says that if you had a computer making 100,000 guesses a second, it would guess your password in 1.178×10^19 years. That’s a long time. Like age of the universe long.
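Here is how a generator like that can work and where a number like the one above comes from. This is an added example, not code from RandomKeyGen.com or Wolfram Alpha; it assumes the quoted figure is the time to try every 16-character combination of the 94 printable ASCII symbols, and the function names are made up for illustration.

```python
import math
import secrets
import string

# 26 lower + 26 upper + 10 digits + 32 punctuation = 94 printable ASCII symbols
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)
ALPHABET = "".join(CLASSES)

# The ten worst passwords from the list above, in rank order
WORST = ["123456", "password", "123456789", "12345678", "12345",
         "111111", "1234567", "sunshine", "qwerty", "iloveyou"]

SECONDS_PER_YEAR = 365 * 24 * 3600  # assumption: 365-day year


def generate_password(length=16):
    """Draw each character from the OS CSPRNG; redraw until all classes appear."""
    if length < len(CLASSES):
        raise ValueError("too short to hold one character from every class")
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if all(any(c in cls for c in pw) for cls in CLASSES):
            return pw


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Bits of entropy for a uniformly random password of this length."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(length, alphabet_size=len(ALPHABET), guesses_per_second=100_000):
    """Years needed to try every possible password at the given guess rate."""
    return alphabet_size ** length / guesses_per_second / SECONDS_PER_YEAR


def guess_rank(password):
    """1-based position in the worst-password list, or None if it is not there."""
    return WORST.index(password) + 1 if password in WORST else None


if __name__ == "__main__":
    pw = generate_password()
    print(pw, f"{entropy_bits(len(pw)):.1f} bits",
          f"{years_to_exhaust(len(pw)):.3e} years to exhaust")
    for weak in ("sunshine", "iloveyou"):
        print(weak, "found on guess", guess_rank(weak))
```

Requiring every character class removes a small fraction of the possible passwords, so the entropy and time figures are upper bounds.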

Use a Password Manager

1Password

I find the challenge is remembering long, complicated passwords. I can barely remember what I had for breakfast. To make life easier, I use an app, 1Password, that syncs my passwords across multiple machines and my phone.

If you asked me for my banking or Facebook password, I couldn’t tell you what it is. They’re both 30-character strings of numbers, upper and lower case letters, and special characters. 1Password will also generate passwords if you need. LastPass and KeePass are also apps in this space.

Some of these tools are free or very inexpensive. I think it’s worth it to keep your info just a little more secure than using a password like 123456.

A door made out of the strongest metal still wouldn’t offer any protection if it was secured with a twist-tie. Likewise, even the most sophisticated online security system can be bypassed in seconds if hackers acquire a user’s password. They’re easy to get when a website is storing passwords in plain text, but that’s a different story.

When people have weak passwords, there’s very little keeping their sensitive information safe. However, when it comes to passwords, many users still choose something that’s easy to remember over something that would be safer. That means hackers and thieves have much less work to do when they try to crack open users’ accounts, resulting in data breaches that put those users and others at risk. Although IT professionals continually stress the importance of choosing a password that is difficult to crack, many users don’t heed the advice.

On the other hand, the most secure passwords have the problem of being extremely difficult for people to remember. That’s why so many people use formulas for creating their passwords, which make them easier for hackers to figure out. Some people believe that substituting numbers for letters in common words is enough to make a password difficult to guess. Yet substituting a zero for the “o” in “hello” is obvious enough to hackers that it’s practically the same as spelling the word the correct way.

Just this week, in fact, the man who told people to substitute numbers for letters said this advice was wrong.

Personally, I use a password manager to handle all my passwords. I use 1Password, but LastPass and KeePass are also good tools. All I need to remember is a strong master password, and 1Password does the rest of the work in keeping my super strong passwords safe.

Having strong passwords for each of the important websites and Internet portals you use regularly is essential today. Use the following checklist when creating a password to help you avoid some of the most common mistakes that lead to weak passwords. This guide also tells you what steps to take to protect yourself and your data if you believe your password may have been compromised. A door is only as strong as the lock on it, and your Internet security is only as strong as the password you use to access it.


Presented by MNS Group

It was a holiday weekend here in the USA, so many people were sharing photos and videos of their parties, fireworks, kids, and more on Facebook, Instagram, and Snapchat. I was no exception, throwing up some firework slo-mo videos and a few shots from my Phantom 3.

I was posting and liking content on both my phone and laptop, on mobile and wi-fi, in two states and 3 cities. It was all fine until I went to add a new friend. Somewhere in a Facebook data center, an alert was probably set off and I was temporarily banned from Facebook. This is the first time this has happened since I created my account in 2005 – you know, back when you had to have a college email address to join.

Yes, blocked from using Facebook. They said I had “suspicious activity,” and I could not log in. People who tried to visit my profile got a 404.

Facebook’s solution to get my account unlocked: I was told to upload a picture of myself to prove my identity. Here’s the prompt:

[Image: Facebook screen asking for a photo of myself]

I found a selfie I took this weekend and uploaded it. And waited. There was no feedback from Facebook on why I had been locked out, possible causes, or the timeline for having the photo I uploaded reviewed and my account unlocked.

When I would try to log in to my account, I received this message:

[Image: Facebook's photo saying user cannot log in]

I waited. I took a walk and enjoyed the beautiful weather. I checked Instagram. I waited some more. Folks on Twitter weighed in:

A few hours later, I attempted to log in again and was allowed in with no issues. I never received any feedback or email messages from Facebook telling me my account was reinstated or saying why I had been locked out.

I’m not mad at Facebook. Their systems saw something out of the ordinary, such as multiple logins from multiple devices in several locations, and followed security protocols as developed. My concern is with the lack of communication and method they offered to unlock my account.

I don’t know why I was not emailed at any point during the process. Facebook is quick to email me when a friend tags me in a comment or post, or when a friend goes live on video, so it’s strange they would be silent during a major account issue.

Second, I think the method of uploading a photo doesn’t seem terribly secure and is easy to spoof.

There are photos of me all over the internet, and as you can see, when you google me, there are plenty of photos. Facebook collects my email and mobile number; I’m not sure why they didn’t make me verify by code sent via email or text, like many other services do.

Did a person check the image, or was some super-secret Skynet AI responsible for seeing it was me in the photo and unlocking my account? Was the image actually deleted from Facebook’s servers once the check was complete as they said it would be?

Regardless, once I was back in I made sure to check what apps had access to my account (not many) and what privileges they had to access my data (not much). I don’t think one of them triggered the block, but it’s better to be safe with third party websites you give access to your Facebook account. If you do those quizzes and content generators that post on your behalf, you have given those random apps full access to your info, your friends, and more. That gives me a bad feeling, but that’s a post for another day.

If there’s a lesson here to be learned, it’s keep a photo of yourself handy in case you need to upload it to Facebook.