Online Safety/Security and Passwords

Written by Josh Brown, VP Director of Security at The Fauquier Bank

There is much being bandied about in the news when it comes to online security and passwords. All you have to do is perform a search online for “worst passwords of 2016” and you will get over 6 million results. I’m not exaggerating, over 6 million results for that specific search!

You will find some amazing passwords. Here are the top 10:
10.  qwerty (was “baseball” in 2015)
9.  princess
8.  sunshine
7.  12345678
6.  123456789
5.  abc123
4.  ninja
3.  welcome (if that isn’t an opening…)
2.  password

Drum roll please……………

1.   the worst password, and most used, of 2016 was 123456

The list is courtesy of and is not just the worst passwords, but the most used and worst passwords of 2016. This is amazing stuff. But wait, there’s more! Gotta love clichés.

Having a terrible password isn’t even the worst problem. This becomes a huge problem when you consider password reuse. Password reuse is an extremely common problem. Many, if not most, people with online banking accounts use the same login credentials for online banking as they use in other systems, like their email account. If I am a criminal, I don’t have to load malicious software onto your computer, I just need to hack into a relatively low security system you use or have access to. If I can discover your credentials there, I can likely gain access to your bank account online.

A few years back, there was a case in which an executive with a major information technology firm was using his very simple login credentials for checking personal email and logging in to a very high security data system. All the criminal needed to know was his email address. From there, the hacker was able to hack the email server and read the executive’s credentials. Next, the hacker was able to trick the executive into clicking on a link in an email that allowed the hackers access to the executive’s high-security network. They were in. Fortunately, email systems have gotten much more secure lately, but the principle remains. If you reuse a password that is important to you, a criminal has a better chance of figuring it out and gaining access to your online banking account.

Okay, you are thinking that if you use a different complex password for every site or app you need to log in to, then there is no way you will remember them. There is an app for that! Actually, there are quite a few apps for that. Password vault programs and apps make it very easy to sync between your computer at home and your smart phone or tablet. Then you only need to remember one complex password to gain access to the app. And most smart phones may only require you to use a fingerprint to access the phone and, therefore, your apps.

Online security may be as simple as questioning links before you click, or staying with trusted web sites for online shopping and maintaining up-to-date anti-virus software. For more robust online security, it is recommended that you have a dedicated computer for accessing your bank account online. It doesn’t need to be expensive, there are some decent laptops for about $150. Just make sure you ONLY use the designated laptop for logging in to online banking, and not email, shopping, or browsing the internet.

Passwords are like toothbrushes.

They are best when new and should never be shared.

*To learn more about banking security and meet Josh Brown, please check our community calendar.