Finally, finally, after five decades of waiting the question has been answered! I will come back to that in due course but first some discussion of other more current questions.
It is no secret that cyberspace can be a dangerous place. Too many people have found out the hard way that they were only one hacked password away from having their bank account emptied by cybercrooks. Financial institutions are not responsible for losses that arise from customer’s carelessness, such as neglecting to practice safe online security. In spite of this few users bother to create elaborate passwords that are cryptographically secure.
Anyone who wants to avoid the experience of having their bank balance suddenly and irretrievable go to zero need to be aware of two facts all cybercrooks already know. One is that in several studies 90 percent or more of user passwords appear on lists of just the most used 1,000 passwords. Two is that every crook on the internet has copies of these lists.
Crooks also seem to have a good understanding of human behavior, and they know most people follow the same thinking when creating passwords. The first thing that comes to the minds of most users are easy-to-remember names such as spouse, pet, hometown, car, etc. It is distressing how many people think that the word “password” is a good choice. Foreign language words are not inherently secure. Other than the 200,000,000 citizens of Brazil who could possibly guess that “senha” is Portuguese for “password.”
No matter how strong you believe a password is, if you made it up it is not cryptographically secure. We humans simply are too predictable and we cannot produce truly random passwords. There are many web sites that can do this though, so just search for the three words “generate secure password” to find one. Create a truly secure password, write it down, print it, or copy/paste it into document.
Now back to that question for which many of us have been waiting more than a half century for the answer. An entire generation of adolescent boys who grew up in the 1960s can remember the question: “Ginger or Mary Ann?” For those who may have forgotten or never experienced the television sitcom “Gilligan’s Island” that question refers to two of the seven cast members. One was the curvaceous and voluptuous movie star Ginger played by actress Tina Louise, and the other the wholesome farm girl Mary Ann played by Dawn Wells. The question of Ginger or Mary Ann was hotly debated in boy’s high school locker rooms of the 1960s and not until recently that several online security firms compiled lists of the worst passwords was the question finally answered.
The number one worst password is the dictionary word “password” while “Ginger” came in at 75th place with “Mary Ann” not even making the top 1,000 on the list.
Charles Miller is a freelance computer consultant with more than 20 years IT experience and a Texan with a lifetime love for Mexico. The opinions expressed are his own. He may be contacted through his web site at SMAguru.com.