Are Your Weak Passwords Leaving Clients Vulnerable?

Real estate agents are the gatekeepers of a lot of sensitive client data. While the solutions that store this data (for example, transaction and document management programs) have strict security protocols, client information is most often made vulnerable by the simplest of security missteps, like connecting to unsecured Wi-Fi networks.

However, the most common security mistake agents make is in choosing a weak password. Weak passwords are easy for criminals to guess--and once they have your password, they have access to your data. Not sure if your password qualifies as an easy mark? Check out SplashData's most recent annual list of the worst password below. If your password resembles any of the following, it's high time to change it! (We'll share tips for choosing a strong password on the next page).

1. 123456
2. password
3. 12345
4. 12345678
5. qwerty
6. 123456789
7. 1234
8. baseball
9. dragon
10. football
11. 1234567
12. monkey
13. letmein
14. abc123
15. 111111
16. mustang
17. access
18. shadow
19. master
20. michael
21. superman
22. 696969
23. 123123
24. batman
25. trustno1

As you can see from the list on the previous page, numbers by themselves, sequential keyboard patterns (e.g., qwerty), sports, and perennial favorite "password," are all favorites of the password obtuse. Even Fox Mulder's old standby, trustno1, is on the list, favored by those who are apparently still living in 1993. (Let's hope Mulder has upgraded his security habits in the forthcoming reboot.)

Fortunately, these anemic passwords are easily remedied. Below are a few tips.

Don't:

Use a favorite sport or team. Even though team names didn't make the top 25, they frequently appeared in the top 100 worst passwords. Remember to avoid common, easy to guess passwords.

Use your birth year or birth date. I know, these are easy to remember--but they're also easy to guess. If you're looking to incorporate numbers that have significance to you, try to be obscure as possible, like the street number of your childhood home or the defunct number of an old friend.

Use simple keyboard patterns. Sure, 1q2w3e4r looks like a difficult password, but upon closer examination, it's obvious that this password is just the first few numbers alternating with the first few letters on the keyboard.

Use all numbers or all letters. To make your password tough to crack, combine numbers and letters together. To get extra tough, capitalize some of the letters and incorporate characters (e.g., !@#$%). If you want a mnemonic aid, swap out letters for numbers, like 3 for "e" or 0 for "o."

Use the same password/user name combination on multiple sites. If you do, once criminals have access to one of your accounts, they'll have access to them all. If you can, strive to use a different password for every site.

Be afraid to be weird. Notice one thing about those "worst passwords"? That's right, they're all pretty generic and boring. Don't shy away from using a bizarre or nonsensical password. After all, who's going to see it but you?

Do:

Make your password long. Security experts used to recommend that your password be at least 8 characters long. Now, 12 is the recommended minimum. While it may be harder to remember, know that it's also harder to crack.

Use pass phrases. Single words are easier to guess. By using an entire phrase, your password is longer and more difficult to guess. Add in random capitalization, characters, and substitute a few letters for numbers.

Use a random password generator. Having a hard time coming up with strong passwords on your own? A password generator can do it for you!

Use a password manager. It's true that strong passwords are harder to keep track of. Fortunately, there are a number of solutions that can do the remembering for you. LastPass and Sticky Password are two great options.