A new report says the vast majority of passwords are not secure enough, but tips can help you improve. Michelle Valles reports from Hollywood for the NBC4 News at 6 p.m. on Jan. 16, 2013.
Is your p@55w0rd secure? Probably not.
More than 90 percent of user-generated passwords will be vulnerable to hacking in 2013, according to a new report from consulting firm Deloitte.
Even those passwords deemed secure by IT departments can be hacked, and those break-ins could result in billions of dollars of losses, Deloitte said in its Technology, Media, Telecommunications Predictions 2013 report, released Tuesday.
Experts and e-commerce sites long recommended that users have an eight-character password with mixed-case letters and at least one number and symbol.
Such a password -– chosen from all 94 available characters on a standard keyboard – is one of 6.1 quarillion possible combinations, according to Deloitte's report (PDF).
But that's no longer good enough – especially since mobile devices make people less likely to create complicated passwords because of the multiple screens often required to see all characters.
Generally, people tend to use familiar combinations and tricks to make passwords easier to remember, often relying on common symbols, Deloitte reports.
The 10,000 most common passwords are employed by more than 98 percent of users, according to a 2011 study by a password expert.
Password reuse among multiple sites is an even bigger problem, allowing hackers who've obtained one password to access other services protected by the same code.
Here are some tips from Deloitte:
"You have one password to log in and they’ll generate a random password for each website you want to make an account for," Gannon said. "It’s the best solution right now."