Would it take 10 Minutes or 44,000 Years for Your Password to be Hacked?

We all know strong passwords are key to personal and corporate security. But managing passwords is a pain. In fact, many IT service management professionals will tell you it’s the most common reason end users call the help desk.

According to studies by Gartner and other analyst firms, around 30% of service desk calls are related to password reset management and account lock out. This isn’t surprising considering most business users have at least eight passwords they use on a daily basis to log into a multitude of devices and systems. Management and senior level executives can juggle upwards of 25, depending on their role and level of access.

The Worst Passwords

Every year, a list of the most commonly used passwords is released. Time after time we see the good ole reliables; “password”, “qwerty”, and “1234567890”. Amusingly, popular new passwords often pop up in reference to pop-culture. The most recent report shows a surge in Starwars themed words with “starwars”, “solo”, “princess”, all landing on the list for last year.

Take a look at the top 25 worst password from 2015, according to Splashdata, with their 2014 ranking in brackets:

  1. 123456 (Unchanged)
  2. password (Unchanged)
  3. 12345678 (Up 1)
  4. qwerty (Up 1)
  5. 12345 (Down 2)
  6. 123456789 (Unchanged)
  7. football (Up 3)
  8. 1234 (Down 1)
  9. 1234567 (Up 2)
  10. baseball (Down 2)
  11. welcome (New)
  12. 1234567890 (New)
  13. abc123 (Up 1)
  14. 111111 (Up 1)
  15. 1qaz2wsx (New)
  16. dragon (Down 7)
  17. master (Up 2)
  18. monkey (Down 6)
  19. letmein (Down 6)
  20. login (New)
  21. princess (New)
  22. qwertyuiop (New)
  23. solo (New)
  24. passw0rd (New)
  25. starwars (New)
The Perfect Password

So, how do you create the perfect password? Experts recommend creating something long, random, and difficult to guess. Use a combination of symbols, numbers, and letters including upper and lower cases. If possible, use 12 characters. It’s also important not to use the same password over and over again.

Consider this: a 6-digit password that contains only lowercase letters will take approximately 10 minutes for an experienced hacker to crack. A 9-digit password that combines letters, symbols, and numbers would take over 44,000 years. Wow.

If you’re having a hard time creating the perfect password on your own, opt for a password generator. They’re free, quick, and easy-to-use. We’ve even heard of some organizations requiring the use of these generators for employees every 6 months.

Explore Your Options

It’s no wonder so many calls are pouring into the service desk in relation to password management. The good news is, most organizations can solve the password management issue with self service password reset solutions. It’s very easy to calculate the ROI of these tools if you have a rough idea of the of volume of calls related to passwords you typically receive and the average cost of a level 1 incident (which is typically around $25/30).

If you’re currently researching or replacing self service password reset solutions, consider INVICTAPass. A password management tool for organizations of all sizes, INVICTAPass is easy to configure, deploy and manage. It’s flexibility, affordability, and powerful simplicity have made it the ideal choice for customers around the world. With our customized automated enrollment process users typically receive upwards of 90% adoption rate, crucial to the success of any password reset tool.

Also, our service desk solution INVICTADesk is fully integrated with INVICTAPass, greatly easing the burden of password management from the help desk team and simultaneously monitoring who’s resetting passwords with a fully automated incident and audit trail.

Learn more about our ITSM solutions on our website and be sure to drop me a note in the comments and let me know what you think.


Established in 2014, INVICTA SOFTWARE is a leading provider of IT service management solutions to small and medium size organizations worldwide. Focusing on solutions that take the best of ITIL and operational best practices, INVICTA SOFTWARE offers best-of-breed solutions in the areas of asset management, desktop systems management, service desk management, and password reset. With rock solid partnerships, a proven executive team, and a reputation for innovative solutions and affordable technologies, INVICTA SOFTWARE is uniquely poised for exponential growth. Headquartered in San Francisco, INVICTA SOFTWARE continues to expand globally, establishing presence throughout the United States, United Kingdom, and Australia. Visit www.invictasoftware.com for more information.