Why Is It So Hard to Choose an Effective Password?


You would have thought that we would have all mastered the art of creating an effective and secure password by now.

After all, so many companies require us to use a mixture of uppercase and lowercase letters, as well as numbers and special characters, and rightly so. However, despite this, some of you will still be using ‘abc123’ as your password and, therefore, compromising your own personal security and your company’s security in the process. With that being said, read on to discover some of the most common password errors that are leaving you vulnerable to hackers.

Using one of these passwords…

There is only one place to begin, and this is with the world’s most common passwords! Here is a selection of them:
– trustno1
– qazwsx
– whatever
– freedom
– hello
– master
– passw0rd
– dragon
– 123123
– starwars
– abc123
– login
– monkey
– welcome
– admin
– iloveyou
– football
– 1234567
– letmein
– 123456789
– 12345
– qwerty
– 12345678
– password
– 123456

Do you currently use one or several of the passwords that have been mentioned? You probably thought you were creative! Well, guess what, it turns out that billions of other people thought the same thing. All it takes is for hackers to try one of these popular passwords, and they are into your accounts. Easy peasy!

Substituting numbers for letters

– As you can see from the list of common passwords above, some people feel that passw0rd is way safer than password. News flash: it’s not! Unfortunately, software has advanced to the stage whereby B3Y0NC3 will not survive an attack.

Using personal information as passwords

– For effective cyber security, you should avoid using the name of your pet, your favourite sports team, celebrities, or relatives, or any other common terms as your passwords. Cracking software will automatically look for the most common combinations, for example, ManchesterUnited1. Plus, if someone can find out a bit about you, it is likely they can guess your password with this approach, so it is never a good idea to make your password something important or personal to you.

Using the same password everywhere

– This is one of the biggest mistakes that you can make. If you follow this approach, then once someone has hacked your Facebook account, they are then going to have access to your Internet banking account, as well as your government tax portal, and so on and so forth. You should use a different password for each and every account you have. Yes, this can be a lot of hassle, but it means that if one of your accounts is compromised, you don’t have to worry about all of your personal data being stolen.

Varying passwords by changing a single character

– Leading on from the previous point about using a different password for each account, this does not mean that you can simply change one character. Simply adding a ‘1’, then a ‘2’, then a ‘3’ to each password to make it different is not going to work. Hackers are wise to this, as are the password-guessing programs they use.

Starting your password with an uppercase letter

– This is too obvious. Yes, you need to use a mixture of both uppercase and lowercase letters. Nevertheless, you should randomly capitalise letters throughout your password, rather than making it easy for hackers to guess.

Your passwords are short

– Short passwords are no good. Yes, they are easy to remember, and that is exactly why they are bad news. You need a long and complicated password, which is going to be difficult to crack. If you look online, you will see that there are varying reports regarding the optimal length for passwords. However, you should try to make sure that all of your passwords are at least 12 characters long. After all, the longer they are, the more difficult they are to guess.

You never change your passwords

– Once you have created a password, the hard work is not done. In fact, in a few months, you will need to erase your efforts and start all over again with a new password. If you have the same password for years and years, you are only making yourself more susceptible to data being stolen.

Your password is part of your email or related to your security questions

– Last but not least, a lot of people make the error of incorporating part of their email address or another piece of obvious information into their password. If your email address is ilovehockey@gmail.com, and your password is hockey100, you are asking for trouble. Not only this, but make sure your security question answers and your password are completely unrelated. Two-factor authentication is in place for a reason: to give people two barriers to break down before entering a system. If both steps require the same information, you are completely nullifying the effect.
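
The mistakes described in the sections above can be checked mechanically when a password is chosen. The following is an added example, not part of the original article: the `LEET` table, the function names and the sample inputs are assumptions made for illustration, while the common-password list and the 12-character minimum come from this page.

```python
# Common passwords copied from the list earlier in this article.
COMMON = {
    "trustno1", "qazwsx", "whatever", "freedom", "hello", "master", "passw0rd",
    "dragon", "123123", "starwars", "abc123", "login", "monkey", "welcome",
    "admin", "iloveyou", "football", "1234567", "letmein", "123456789",
    "12345", "qwerty", "12345678", "password", "123456",
}
# Number/symbol-for-letter swaps (an assumed, deliberately small table).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def forms(password):
    """Simplified spellings that guessing software treats as the same password."""
    lower = password.lower()
    stem = lower.rstrip("0123456789!")  # drop a trailing counter such as '1' or '2'
    candidates = {lower, stem, lower.translate(LEET), stem.translate(LEET)}
    return {c for c in candidates if c}  # an all-digit password has an empty stem


def audit(password, email="", personal=(), previous=()):
    """Return the mistakes from this article that the password makes."""
    found = []
    mine = forms(password)
    if len(password) < 12:
        found.append("short")
    if mine & COMMON:
        found.append("common")
    # The only capital letter is the first character.
    if password[:1].isupper() and not any(c.isupper() for c in password[1:]):
        found.append("capital-first-only")
    # Email local part plus any names the user supplies (pet, team, relative).
    hints = [h.lower() for h in (email.split("@")[0], *personal) if h]
    if any(len(f) >= 4 and (f in h or h in f) for f in mine for h in hints):
        found.append("personal")
    # Same password as an earlier one once counters and swaps are removed.
    if any(mine & forms(old) for old in previous):
        found.append("variant-of-previous")
    return found


if __name__ == "__main__":
    # Constructed sample inputs, based on the examples used in the article.
    print(audit("passw0rd"))
    print(audit("hockey100", email="ilovehockey@gmail.com"))
    print(audit("B3Y0NC3", personal=("Beyonce",)))
    print(audit("Sunflowergarden2", previous=("Sunflowergarden1",)))
```

An empty list means none of these particular mistakes was found; it does not measure how strong the password is.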

If you are committing any of the mistakes that have been discussed above, it is time to change your password. Moreover, if you have had your passwords (no matter how good they are) for longer than three months, it is also time for a change. Don’t underestimate the importance of choosing a password with care.

This is your first line of defence when it comes to protecting your personal data and the data of your customers.