If we could share just one piece of advice when it comes to safe password habits, it’d be this: use a password manager. While there’s no denying our bias, according to a survey conducted by the UK-based National Cyber Security Centre (NCSC), we have good reason to be—and so should you. Far too many people are picking well-known superheroes and band names for their password. The ubiquitous ‘123456’ password still reigns supreme, however.

Mind the gap

According to the survey, while 53% of respondents reported knowing “a fair amount” about protecting themselves from harmful online activity, nearly half agree that they find most of the information regarding online security to be confusing. It’s no wonder password re-use continues to put individuals and companies at risk. The ever so popular password ‘123456’ has been found 23 million times in the breaches collected by the Have I Been Pwned site. And, while the National Institute of Standards and Technology (NIST) issues guidelines regarding secure passwords, few people have the time to comb through a 50+ page document that’s routinely being updated.


Based on the survey (and quite frankly the data breaches), it’s obvious that awareness often does not lead to action.

  • 50% of those surveyed rated cybersecurity being of very high priority to them.
  • Only 14% always save passwords using a password manager.
  • 70% believe they will likely be a victim of at least one specific type of cybercrime over the next two years, and most feel there would be a big personal impact.
  • 60% report not checking the security settings on their devices.
  • 51% report thinking a lot about protecting their online privacy when going online.

Concern, information overload, time constraints, apathy, complicated new fangled devices; what’s a person to do? The easy answer —adopt a password manager. You don’t have to remember (or write down!) passwords. Leave that to RoboForm.

Don’t bet your money on it

Just because you have a go-to method for password creation, doesn’t mean it’s a good one; and, it certainly doesn’t mean there isn’t room for improvement. While most of us are inclined to think our way is the “right way,” if surveys and news headlines tell us anything, it’s that when it comes to password habits, the majority of us need some serious work. And, if we don’t improve our habits, breaches will increase, or at best, persist.

When data breaches hit, they hit where it hurts – the pocket. According to the 2018 Cost of Data Breach Study by Ponemon, the average cost for each lost or stolen record containing sensitive and confidential information is $148. Those surveyed by NCSC seem to know and fear exactly that with 42% expecting to lose money to online fraud over the course of the next two years.

Reusing passwords across multiple sites is a recipe for monetary disaster. It simply takes a single site to be breached, your password exposed, and attackers to use that information to access any of your other online accounts that use the same information; buh-bye bank account balance.

RoboForm can help you keep your data (and money!) free from sticky fingers. Our Security Center lets you audit your passwords, ensuring you’re not duplicating them across various sites. You can also use RoboForm “Identities” to securely store and quickly fill in online forms containing sensitive information such as bank account and credit card numbers.

Weak passwords are kryptonite

According to a separate NCSC analysis of a file in collaboration with Have I Been Pwned, the fictional character most referenced (in total) was Superman, coming in 333,139 mentions. While his Smallville charm, X-ray vision, and high flying antics may be envy-worthy, if anyone knows anything about strength, it’s him. And, while we can’t speak for Superman, we’re inclined to say he’d be pretty disappointed with his name being attributed to so many weak passwords.

The NCSC also looked at other common password conventions. The top musician reference was ‘blink182’. Liverpool was the most common Premier League team and ‘ashley’ the most used name to be selected as a stand-alone password. Needless to say, these are all terrible password selections. The full rankings, as well as the top 100,000 passwords, can be found over at the NCSC’s site.

Although beloved band names and superheroes may be easy to memorize, when it comes to your online security, ditch the fan club love and opt for strong and unique passwords. RoboForm’s random password generator lets you generate iron-strong passwords in the click of a button.

Unsure if some of your existing passwords are strong enough? Another great tool we have is our password strength checker. That too is built-in to RoboForm.

The choice is yours

Life is full of tough choices, good password hygiene isn’t one of them. Common sense and simple precautions can have a big and beneficial impact on your online security. By choosing to adopt a password manager, you’re taking a sensible step to protect your privacy. From instant password generation to reliable password auditing, RoboForm effortlessly and uncomplicatedly reduces your risk.

Download RoboForm Today

Posted by Simon Davis

Simon Davis is the VP of Marketing for RoboForm.