password123456Fans of Star Wars or Star Trek will surely remember the excellent 1987 spoof, ‘Spaceballs’. Hilarious, witty and featuring a star-studded cast, Spaceballs was more than just a spoof… it also generated a massive cult following.

A news release last week from SplashData on the list of the worst and most common passwords in use last year, reminded me of the scene in Spaceballs where the princess is about to be chopped into pieces unless the king divulges the combination – which he does, slowly… 12345.

Shocked, Lord Dark Helmet, lifts his visor, and exclaims: “That’s the stupidest combination I have ever heard in my life. That’s the kind of thing an idiot would have on his luggage”.

I wonder if the scriptwriter had a technical background and wanted to make a point even then, when mass computerization was still in its infancy. This was 1987 not 2013. Yet, 25 years later, we’re still commenting on the shocking inability of computer users to choose a strong, complex password. Thousands (millions?) are still using passwords like 123456 and ‘password’ for their logins. I wouldn’t be surprised if their alarm system used the same code. Then again, the launch code for nuclear silos during the cold war was a bunch of zeroes. It really can’t get any worse than that!

Back to the SplashData release. Their analysis of 2013 showed that ‘123456’ was the most common password used, with ‘password’ into second place (the winner in 2012).

The data was compiled from files containing millions of stolen passwords posted on during the previous year. Some other ‘clever’ choices of passwords include, 111111, iloveyou, admin, 123123, letmein and 000000.  You can see the list of top 25 passwords used here.

We all have numerous accounts and devices to unlock but surely most people can remember something a little bit more complex than 111111.

Once again, here are a few tips to keep in mind when choosing a password next time you set up an account. You can test various combinations for strength at Microsoft’s Safety and Security Center.

1. Change your passwords regularly

Change your passwords regularly; preferably at least once a month. This is highly recommended.

2. Do not use the same password on every site

If you have a problem remembering all of them, write them down and keep the document in a safe place, not in everyday public view. Security experts do not recommend writing down passwords but it’s a better option than having one password for everything.

3. When you re-use passwords, at least use a different password for your email account

As a minimum, use a password for your email account that is separate from all others. Passwords for your banking services – including sites such as PayPal – and sites where your credit card number is on file, should also be unique.

4. Use passwords with a secure length and construction

A good password is at minimum eight characters long and has letters, numbers and non-alphanumeric characters, such as “&” and “%” in it. To create a secure password that is still easy to remember, you might consider using a phrase, with words linked by non-alphanumerics. An example would be “My%dog%spot%likes%treats.” Never choose a keyboard pattern (123qweasd).

5. Avoid logging into sensitive websites such as banking or PayPal over public networks

Pay attention when accessing sites over public networks because malicious operators can capture traffic on a network in a public place and steal data such as login information.

And while you’re at it, do change the combination on your luggage!