Pinterest Stumbleupon Whatsapp

You’ve heard it all before and you’re probably sick of it. Password safety 7 Ways To Make Up Passwords That Are Both Secure & Memorable 7 Ways To Make Up Passwords That Are Both Secure & Memorable Having a different password for each service is a must in today's online world, but there's a terrible weakness to randomly generated passwords: it's impossible to remember them all. But how can you possibly remember... Read More is an oft-drilled topic that easily enters one ear and oozes out the other, but we can’t emphasize this enough: settling for a weak password is like leaving all of your doors unlocked.

Just because you’ve never been robbed before doesn’t mean it’s safe to leave your doors unlocked, does it? It only takes one unforeseen incident to lose everything 3 Online Fraud Prevention Tips You Need To Know In 2014 3 Online Fraud Prevention Tips You Need To Know In 2014 Read More — and the same holds true for your email accounts, bank accounts, and whatever other accounts you hold dear.

Maybe one day we’ll move beyond usernames and passwords Why Usernames & Passwords Are A Thing Of The Past, And How To Cope With This Why Usernames & Passwords Are A Thing Of The Past, And How To Cope With This With every other hacked database and credit card scandal that occurs, it becomes more evident that we can't rely on passwords for much longer. But if not passwords, what else is there? Read More , but for now, it’s absolutely critical to strengthen your weak passwords. It takes very little effort, and trust me, you don’t want to be the one who loses everything but could’ve prevented it with a few simple tweaks.

The Worst Passwords of Last Year

It isn’t easy to determine the “worst passwords” being used because passwords are (hopefully) kept secret and hidden. However, a company called SplashData tallied up over 2 million leaked passwords, evaluated them, and compiled them into a ranking. Here’s what they found:

  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. 12345
  6. 123456789
  7. football
  8. 1234
  9. 1234567
  10. baseball
  11. welcome
  12. 1234567890
  13. abc123
  14. 111111
  15. 1qaz2wsx
  16. dragon
  17. master
  18. monkey
  19. letmein
  20. login
  21. princess
  22. qwertyuiop
  23. solo
  24. passw0rd
  25. starwars

As you can see, these really are the worst of the worst. At this point, anyone who’s using one of the above (or anything close to one of the above) might as well not have a password at all. You wouldn’t believe how quickly a hacker could crack a password that simple!

Also, let’s be abundantly clear: If you think you’re safe because your password isn’t on that list, then you’re absolutely WRONG. These passwords are bad because they all share characteristics of easily-hacked passwords, and it’s possible that your own password does too.


So let’s take a look at why these are so terrible and what you can do to make sure your accounts are truly safe and sound.


1. The Obvious Password

Seven of the worst offenders in that list are all variations on the same basic password: consecutive numbers. We see 1234, 12345, 123456, 1234567, 12345678, 123456789, and 1234567890. I’m positive we also would’ve seen 1, 12, and 123 in the list if most websites didn’t enforce a four-character minimum.

It’s clear that people are using this password (and its variations) because it’s super easy to type. Just run your fingers from left to right across the numbers! That’s why qwerty and qwertyuiop are on the list as well.

But passwords aren’t meant to be easy! A lot of people forget this for some reason. Using an obvious password — one that took you no time to devise — is just asking for someone to guess it. You might as well be using a lock that can be opened by any key.

2. The Default Password

It’s astounding that password is as widely used as it is. To be fair, a lot of devices come with that as the default password, but they also come with the expectation that the end user will at some point change that password to something more secure How to Find & Change Your WiFi Password How to Find & Change Your WiFi Password Once your WiFi is set up, you feel no reason to remember the password. Until you need to connect another device. What's the password again? Fortunately, it's easy to find out! Read More .

Unsurprisingly, it seems that a lot of folks are lazy and either refuse or forget to make that change. So, for example, even if your wireless network is properly set up 10 Crucial Features to Use in Your Wireless Router Setup at Home 10 Crucial Features to Use in Your Wireless Router Setup at Home Most wireless routers are equipped with a handful of amazing features that you probably aren't taking advantage of. Here are some of the more useful ones to start exploring right now. Read More , it would take zero effort to break in if you’re still using the default password.

Here’s the takeaway: whenever you get a new device or account and you’re given a default username and password — such as admin/admin or admin/password — do yourself a favor and change it immediately. Don’t delay.


3. The Short Password

One of the most important aspects of an unbreakable password 6 Tips For Creating An Unbreakable Password That You Can Remember 6 Tips For Creating An Unbreakable Password That You Can Remember If your passwords are not unique and unbreakable, you might as well open the front door and invite the robbers in for lunch. Read More is absolute length. Every additional character — whether it’s a letter, number, or symbol — expands the possibility space and makes your password exponentially harder to crack.

So in a sense, nothing is worse than a short password, and this is made evident when you look at the list of terrible passwords. (Only three of them have more than eight characters, and even eight characters is too short for real protection these days.) 1234 and solo are especially bad.

Make your passwords longer! Yes, even longer than what you’ve got. Wondering whether your password is long enough? It probably isn’t. Tack on a few more characters at the end. A lot of hackers rely on brute force, and this is a super-effective way to deter them.

4. The “No Numbers or Symbols” Password

All things considered, a longer password of only letters is usually better than a shorter password with letters, numbers, and symbols — but a longer password that incorporates letters, numbers, and symbols is certainly the strongest of the three.

The reason for this is that you want to maximize the number of possible choices for each character in your password. If you only use letters, that’s 26 possible choices per character. If you use letters, numbers, and symbols, that’s at least 46 possible choices per character — and that difference has an exponential impact.

So aywiresufzklthfrs is an okay password, ayw4r2s8f8kl43f2s is even better, and a!w4_2s8#8kl43f2% is the best. As you can see, none of the items in the worst passwords list have any symbols in them. Coincidence? Not at all.


5. The “L33T SP34K” Password

If you’re going to use numbers and symbols in your password, there is one caveat that you need to know about: if your password contains complete words, never make simple letter-to-number or letter-to-symbol substitutions for individual characters.

For example, if your password is cableCABLE, don’t replace the a with @, the l with 1, the A with 4, and the E with 3. You might think the resulting password — c@b1eC4BL3 — is a lot stronger than the original, but there’s a good chance it isn’t. (No, passw0rd is not any better than password.)

Password hackers know that people like doing this, so if one tries to break into your accounts, they’re going to try all of these substitutions anyway. Similarly, if your name is DANIEL and you set your password as D4N13L, it’s still pretty easy to guess.

6. The “Personal Info” Password

While we’re on the subject of using your name in your password, there’s only one thing to say: DON’T! In fact, whenever you’re trying to come up with a new password, never include any personal details. A good password should have no relation to you whatsoever.

For example, it’s clear that a lot of people like football and baseball, both of which appear on the list. If you’re a big fan of either sport, it would be trivial to guess.

Of the many ways that a hacker can break your password The 5 Most Common Tactics Used To Hack Passwords The 5 Most Common Tactics Used To Hack Passwords When you think of a serious security threat, you may think of some clever malicious program that steals your data or takes over computer. In reality, you’re just as (if not more) likely to be... Read More , social engineering is one of the most effective. Nowadays, personal details are available all over the Web (especially on social networking profiles), and that kind of access makes it easier to guess weak passwords.

Instead, you may want to use one of these strong password generators How to Generate Strong Passwords That Match Your Personality How to Generate Strong Passwords That Match Your Personality Without a strong password you could quickly find yourself on the receiving end of a cyber-crime. One way to create a memorable password could be to match it to your personality. Read More that can create passwords based on your personality and interests.


7. The Pattern Password

I’ll be the first to admit that I memorize all of my passwords through muscle memory, so whenever I need to come up with a new password for a new account, it’s always tempting for me to rely on some kind of pattern in the keyboard keys.

There’s nothing wrong with that if you do it properly. After all, muscle memory is a great way to memorize long, unwieldy passwords that are otherwise nonsensical. However, never resort to an overly simplistic pattern, like 1qaz2wsx, qwerty, or qwertyuiop.

This advice is definitely more important in situations that require a four-digit PIN — such as for ATMs or smartphone lock screens — since PINs have a much smaller possibility space than full passwords. Still, try to make sure your pattern passwords aren’t too obvious.

Good Passwords Aren’t Hard to Make

As important as it is to eliminate weak passwords, it’s also crucial that you enable two-step verification What Is Two-Factor Authentication, And Why You Should Use It What Is Two-Factor Authentication, And Why You Should Use It Two-factor authentication (2FA) is a security method that requires two different ways of proving your identity. It is commonly used in everyday life. For example paying with a credit card not only requires the card,... Read More on every account that supports it. Most bank accounts, email accounts, and online shopping accounts these days support two-step verification Can Two-Step Verification Be Less Irritating? Four Secret Hacks Guaranteed to Improve Security Can Two-Step Verification Be Less Irritating? Four Secret Hacks Guaranteed to Improve Security Do you want bullet-proof account security? I highly suggest enabling what's called "two-factor" authentication. Read More .

Furthermore, you should have a unique password for every single account you have. It sounds like that would be impossible to manage, but it’s effortless if you start using a password manager Password Management Guide Password Management Guide Don't feel overwhelmed by passwords, or simply use the same one on every site just so you'll remember them: design your own password management strategy. Read More (which you really should if you aren’t already).

Lastly, strong passwords are only one piece of the online security puzzle. Be sure to build good security habits Change Your Bad Habits & Your Data Will Be More Secure Change Your Bad Habits & Your Data Will Be More Secure Read More if you really want peace of mind in this chaotic online world.

What’s the worst password you’ve ever used? How diligent are you about using strong passwords? Do you use a password manager? Share your experiences with us in the comments below!

Image Credits: Password on Post-It by shutteratakan via Shutterstock, Short Password by Naghiyev via Shutterstock, Hacker Password by triocean via Shutterstock, Phone Passcode by ymgerman via Shutterstock

Leave a Reply

Your email address will not be published. Required fields are marked *