Online passwords should be ‘ugly’: Better Business Bureau

If your password is “123456,” “password,” “hockey,” or “Canada,” it’s probably time to change it.

According to the Better Business Bureau (BBB), these are among the top-used passwords in Canada last year.

Instead, the group says passwords should be as “ugly” as possible.


The organization is calling Wednesday ‘Password Day,’ and is encouraging the public to change their passwords to something that hackers can’t solve.




According to a survey from last year, 25 per cent of Canadians changed their passwords less than once per year, while a third of respondents said they changed their passwords more frequently, usually every three to six months.

With an average of 70 to 80 passwords to remember, it’s probably not surprising that some of the most-used passwords were characteristically easy to remember.

“Knowing how to create, change, and use passwords safely is one of the simplest and most effective ways to protect the public from having online accounts broken into by hackers,” Aaron Guillen, media and communications specialist with BBB said.

“By making an ugly password with random symbols, numbers, and words that aren’t directly tied to your identity, you are taking one easy step to protect yourself from fraud.”

It may take even less time than you think for a password to be found, as Guillen says many hackers are using artificial intelligence (AI) to give them a hand.

“These days, if you have a password with only five or six letters, maybe like ‘apple’…that only takes seconds to crack for hackers. They’re not even doing it themselves, they’re using algorithms, they’re using AI.”

Tips to protect passwords 

There are some ways to help protect your passwords, the BBB says, like creating a “passphrase” instead of words.

“Your phrase should be relatively long, around 20 characters, and include random words, numbers and symbols. Something that you will be able to remember but others couldn’t come close to guessing, such as: ‘I was a Canucks fan in 2010.’ = iw@$Canuck$F@n/10,” the release says.

Reusing the same password across accounts only makes it easier for hackers to get in, the BBB says.


“Never use the same password for multiple accounts, especially for the most sensitive ones such as bank accounts, credit cards, legal or tax records or medical-related files,” the BBB says.

“While it may be easier to remember one password for every account, it’s much easier for hackers to break down one wall rather than multiple walls. If hackers can figure out one password, even if it’s for something harmless, such as an online shopping app, they will now know the password to every single account you own.”

Other tips include using two-factor authentication, changing passwords frequently, and staying away from “easy” passwords.

“Avoid using information that is easily searchable like your pet’s name, mother’s maiden name, favourite team, the town you grew up in, your birthday/anniversary, etc.” the group adds.