Google announced this month that potentially 5 million Gmail logins were “dumped” on the Web. Password manager LastPass analyzed the leaked logins and found a lot of bad email habits among users.
In spite of all the warnings about breaches and hacks, the passwords we’re using aren’t exactly creative – 123456 and ‘password’ are still the most common. Even worse, many of us are still using the same passwords for multiple logins.
The analysis found that users often choose passwords that are too short – less than 8% of the leaked credentials contained more than ten characters. Just 1% used a combination of characters that included symbols, numbers and lower case letters.
“People are still creating terrible passwords using short dictionary words,” says Joe Siegrist, LastPass CEO. Among the most used words: love, monkey, dragon, and hello.
Password generators are available to create strong, unique passwords, but the analysis shows most people just want to do what’s easiest.
“Culturally, if we continue to create weak passwords and reuse passwords, we’re setting ourselves up for failure,” Siegrist says. “No one would make multiple copies of the key to their front door to give to everyone they meet, but that’s what they do with their passwords.”
LastPass created a tool that anyone can use to see if their credentials were among the leaked batch.