Just say ‘no’ to QWERTY: 5 tips for using safer passwords

SplashData has released its fifth annual “Worst Passwords List,” and it’s a welcome reminder that computer passwords should be taken seriously. Typing them in takes up your time, yes, but it’s better safe than sorry, especially in the medical industry.

If you think some of your passwords might be too weak, here are a few tips to help beef them up a bit. Some of them are courtesy of SplashData’s list, and others are just personal favorites.

1. Think of something original

The four most common passwords in 2015 were “123456,” “password,” “12345678,” and “qwerty.” You can do better than this. Think of something that applies only to you, and throw a number in there somewhere.

(Note: “football,” “baseball,” “dragon,” “master,” “monkey”—yes, “monkey”—and “princess” also made the Top 25 list. Avoid these, no matter how much you love football, baseball, or...monkeys.)

2. Avoid obvious pop culture references

Don’t reference a widely known piece of pop culture with your password. “Starwars” and “solo” both made the SplashData list this year, and attackers watch movies just like anyone else.

Don’t hand over access to your department’s medical data just because someone noticed your Chewbacca bobblehead and made a good guess. Don’t let The Dark Side win.

3. Embrace the 12-character password

All computer passwords should be a minimum of 12 characters, even if the website or application in question lets you get away with less.

Be warned, though, that simply adding characters will not be enough. According to Morgan Slain, SplashData CEO, extra characters only help if they’re not too easy to predict.

“We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers,” Slain said in a statement that accompanied the Top 25 list.

In other words, changing your password to “monkeymonkey” won’t solve all of your problems. (I’m sorry.)
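
The point of tip 3, as an added example (not from SplashData or the original article): a Python check that enforces the 12-character minimum and also flags longer passwords built on simple patterns. The word list holds only the passwords named in this article, and the sequence list and function names are assumptions made for the illustration.

```python
import re

# Passwords the article names from SplashData's 2015 list (not the full Top 25).
NAMED_ON_PAGE = {
    "123456", "password", "12345678", "qwerty", "football", "baseball",
    "dragon", "master", "monkey", "princess", "starwars", "solo",
}
MIN_LENGTH = 12  # the article's recommended minimum

# Constructed helper data: keyboard rows and runs used to spot "simple patterns".
SEQUENCES = ["qwertyuiop", "asdfghjkl", "zxcvbnm",
             "abcdefghijklmnopqrstuvwxyz", "01234567890"]


def smallest_repeating_unit(s):
    """Return the shortest unit u such that s == u * k for some integer k >= 1."""
    for size in range(1, len(s) + 1):
        if len(s) % size == 0 and s[:size] * (len(s) // size) == s:
            return s[:size]
    return s


def is_sequence(s):
    """True if s (3+ chars) is a forward or reversed slice of a known run."""
    return len(s) >= 3 and any(s in seq or s[::-1] in seq for seq in SEQUENCES)


def check_password(candidate):
    """Return a list of reasons the candidate is weak; an empty list means it passed."""
    reasons = []
    lowered = candidate.lower()
    if len(candidate) < MIN_LENGTH:
        reasons.append("shorter than 12 characters")
    unit = smallest_repeating_unit(lowered)
    if len(unit) < len(lowered):
        reasons.append("repeats a shorter string")
    # Strip trailing digits/symbols so "monkey123!" still maps to "monkey".
    base = re.sub(r"[^a-z]+$", "", unit) or unit
    if unit in NAMED_ON_PAGE or base in NAMED_ON_PAGE:
        reasons.append("built on a commonly used password")
    if is_sequence(unit) or is_sequence(base):
        reasons.append("keyboard or counting sequence")
    return reasons
```

An empty result only means none of these specific patterns matched. A real deployment would compare candidates against a much larger list of known passwords.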

4. Use a variety of passwords

Avoid using the same password for every website or application. It’s inconvenient, sure, but your personal laptop and the hospital’s computer system need different passwords.

Worried about remembering them all? Keep a list somewhere secure, or use an online password manager.

5. Post-it Notes are a bad idea

That bright yellow piece of paper stuck to your monitor? It’s not doing you any favors.

If you can read your password for a quick reminder, so can anyone else. Avoid Post-it Notes when it comes to online security. 

Michael Walter, Managing Editor

Michael has more than 18 years of experience as a professional writer and editor. He has written at length about cardiology, radiology, artificial intelligence and other key healthcare topics.
