Splashdata has released their annual list of most used passwords for 2022. Ensure your password is not included here:

  1. 123456
  2. 123456789
  3. qwerty
  4. password
  5. 1234567
  6. 12345678
  7. 12345
  8. iloveyou
  9. 111111
  10. 123123

Control access to your firm’s sensitive information by ensuring that employees use “strong” passwords. Using password-activated screen savers that lock employee computers after a short period of inactivity will increase security of workstations. Server policies should “lock out” users who don’t enter the correct password within a designated number of log-on attempts, although the policy should allow the employee to try again after a set period of time. These policies have had a major effect in stopping automated password cracking attempts.

When installing new software, immediately change default passwords to secure passwords. Caution employees against transmitting sensitive data such as Social Insurance Numbers, passwords and account information via email. Unencrypted email is not a secure way to transmit any information.

One of the easiest passwords to create and remember uses the date that it was last changed and the name of the system you are using. For example, if you change your Facebook password on June 1, make your password June1@facebook. You can use any date and domain address that you’ll remember (e.g. – April9@yahoo; February14@linkedin, etc.)

Here are some tips for creating stronger passwords:

  • A password should contain at least eight characters (some experts say 10 or 14 characters is the minimum).
  • The password should have three of the four types of characters — upper case letters (ABC), lower case letters (abc), numerals (123), and punctuation marks or other special characters (!#$%&*_=+? ).
  • Try to avoid common names, slang words or any words found in the dictionary. Software programs can rapidly search entire dictionaries for possible matches.
  • Don’t use your name or email addresses, or any part of those.
  • Create an especially strong password for websites that deal with particularly sensitive personal information such as, banks or online services that store your credit card information or social insurance numbers.
  • Don’t use any words or phrases that can be found on your social networking profiles or through an internet search (e.g. – your favourite band or movie, pet’s name, nickname, phone number or your birth date).