Password danger: Many New Zealanders are taking a risk with lazy choices

Eventually, Big Tech will force lazy internet users to advance their terrible password security beyond the dark ages. Photo / Mark Mitchell

Originally published by The Spinoff

Too many New Zealanders are using "password" as their password. For IRL, Josie Adams is begging you to stop.

Yesterday was World Password Day, and it's clear that, as a nation, we're not in a position to celebrate. According to data from Nordpass, an international password manager, the most common password in our country is "123456". The second most-used password was a little harder to guess: "123456789". Jesus Christ, New Zealand.

I've been using the same two passwords for 15 years, since the first time I needed a password. At the time, Runescape's password requirements were low. Now you can't watch TV without thinking of a word that's at least eight letters and includes a capital letter, a number, and a special character. Even the fifth most popular password in our extremely hackable nation – "password" – will soon be phased out by security demands.

It's time to make a change. You may think you have nothing to protect, or that your data is worthless. This is untrue. If Facebook is selling access to your data, it must be worth something. Don't let a hacker take it for free.

Use a password manager

Hopefully we all know not to click strange links, or blindly obey our bosses' email demands to buy them iTunes vouchers, but many of us are still using the same passwords for our work email and our personal email. It's just easier to remember one password, right? For 218,000 of us, yes: that's how many New Zealanders use the exact same password for all their accounts. That's more than the population of Wellington.

What if I told you you can have a thousand passwords, and only need to remember one? A password manager can come up with complicated passwords and store them for you, so you never need to type one in again. Spinoff staff writer Shanti Mathias said she started using a manager called Myki when she realised keeping all her passwords in her phone notes was "probably not good".

"I try not to think about what it says about the world we live in that I trust an app made by people I don't know far more than my own brain," she said. "But the feeling of satisfaction when the website where I'm making a new account tells me that my password is 'extremely secure' is worth it."

Make it weird

If you prefer to trust your brain over the creeping AI that will one day rule our world with an aluminium fist, you can stick to a couple of passwords – just make them a little stronger. Make it 12 words, all unrelated, numbers and special characters sprayed everywhere like the oily blood of the robot whose job you're taking by using the power of your mind.

For example: if you're currently using New Zealand's fourth most popular password, "iloveyou", you could try tweaking it by adding some things you love: "ilove1mum2dogz69hrsRuneScape!per week!!"

Use two-factor authentication

Google seems to be forcing this one on us, so let's all just get on board. Give up your information to protect it: you can use your phone number or a back-up email to make sure every time your password is entered, you have to confirm it's you. When you go to sign into your email, you'll get a text from Google asking you to accept the login. A minor pain in the ass, but majorly secure. Hopefully.

Ultimately, big companies like Facebook and Google will drag our terrible security out of the dark ages. It's a bad look for them if users get hacked. But why not get ahead of the curve?

As a country, we need to band together and change our passwords: for security, for national pride, and because the computers are making us.