This year’s annual survey includes 50 different countries, top passwords for different genders, and a global perspective. According to research, the most common passwords in Nigeria is “123456”. Several global and local organizations have been hacked in recent times due to weak passwords. According to Techpoint Africa, Nigeria recorded the second-highest percentage of global cyber attacks in 2020, with both public and private companies falling victim to these increasing global threats. Some of the businesses that have experienced one form of hack or the other in the past 2 years in Nigeria include Airtel, Unity Bank, Access Bank, Joint Admissions and Matriculation Board(JAMB), and National Broadcasting Corporation (NBC). While these businesses allayed the fears of their customers and the general public, it is only safe to say that the trend of cyber attacks or hackers trying to gain access to the personal information of businesses and individuals will only continue. As stated by: Mr. Remi Afon – President, Cybersecurity Experts Association of Nigeria, CSEAN; “we can expect that cybercrime gangs will continue to seek ways to hijack the digital transformation of organizations to deploy malicious code, infiltrate networks and gain persistence in systems all over the world.”
Passwords used in Nigeria follow a similar pattern as many other countries. However, Nigeria ranks highest in the use of religious passwords like: “christ,” “pastor,” “church,” “jesusislord,” “heaven,” “godisgood,” “divine,” “goodness,” “jesus1,” “blessed,” “jesuschrist,” and “prayer.” Nigerians also use passwords like “success”, “iloveyou”, “lovely”, “mylove”, “mother” more frequently than in other countries. Simple number combinations, such as the winning “123456,” “Hello123,” and “sunshine”, are popular all over the world. In fact, “123456” was the most popular password in 43 of the 50 countries studied, but the top passwords in the remaining seven were not significantly different.
It is reported that the infamous SolarWinds hack may have been triggered in part by someone who used a password of “solarwinds123” to protect a secure server. Though company officials have denied that the weak password played a role, SolarWinds was reportedly warned of the poor password by a security expert but took two years to change it.
Protecting yourself and your organization from hackers by having strong passwords cannot be over-emphasized. Strong passwords reduce the probability of being hacked by cyber criminals significantly to the barest minimum, while cyber security requires cyber vigilance; putting the following measures in place to protect your passwords online will go a long way in ensuring your security:
- Replace simple passwords with complex passwords: Your password should have a minimum of 12 characters which should include uppercase and lowercase letters, numbers, and special symbols.
- Avoid using the same passwords across multiple platforms.
- Use multi-factor authentication: This requires you to provide two or more verification factors to access your account. The advantage of this is that your account or application will require more than your username or password before access can be granted. You will need to identify yourself by providing some information known to you alone.
- Update your password frequently: Another measure that can be put in place is to ensure you update your password at intervals preferably quarterly or every 6 months. This will enable you to create new passwords that are known to you alone more frequently.
- Use a password manager: In a situation where you have multiple accounts across different websites and applications, it may be difficult to create and manage different passwords on these accounts and applications, however, with the aid of the password manager you have a tool that will provide you with a secure way to store, share and manage your passwords with ease.
- You can also adopt a single sign-in option, this option will prevent you from entering your password every time you want to use an account or application as your password is already synced to your device.
- Other measures include not disclosing your usernames and passwords to third parties. Do not store your usernames and passwords on a piece of paper or in an unencrypted computer file. Do not use passwords that have been used in the past, be aware of your environment when entering your passwords, and do not save passwords or use “remember me” on public computers.
In conclusion, it cannot be overemphasized that you need to keep your passwords secure, depending on your environment and situation, it is important that you adhere to the measures listed above. Being vigilant and making a conscious effort to protect our passwords online is key, especially in recent times.