Home  ›  Team Blog  ›  “password” is NOT a secure password…

“password” is NOT a secure password…

Posted: Wednesday, October 6th, 2010 by Ted

…neither is password1 or a multitude of other passwords that people use everyday thinking that they’re protecting their email addresses, website log ins and a multitude of other every-day things that need a password.  While it’s difficult to try and remember what your password is for every website and email address you have, it’s also important to know that if someone cracks the password for one thing, they could potentially just use that same password for any other site you use!

I recently came across a website with the top 500 worst passwords and found, to my horror, a password that I used (emphasis on used) was in the top 50! As soon as I saw that, I logged into all the sites that used that password and changed them to something much more secure.

So, what is a good password? Well, that’s not an easy answer really, but I can make three suggestions off the top of my head here:

  1. Use a random password generator like this one. While a total pain to try and remember, the odds of a randomly-generated password being guessed are high to none, especially if you used mixed case, special characters and numbers.
  2. Use a passphrase instead of a password. Something like, “This is my email password” isn’t easily guessed but easy to remember.
  3. Adding to the passphrase idea, try mixing that up as well but adding numbers, mixed case and special characters. “Th1s i5 my 3ma1l pa55w0rd!” is very secure and also pretty easy to remember.

I hope you’ve found this post helpful and, if you have anything to add, please feel free to add your thoughts to the Comments section.

3 Responses to ““password” is NOT a secure password…”

  1. Ted, you’re spot on with this. But my fear is, like many, trying to remember ALL those horrid passwords/phrases — which means for a lot of folks that they create password LOGS on their computers. While this isn’t the end of the world, it’s also a problem if the computer / laptop / smartphone is stolen or lost to accident or fire. Putting it up in the *cloud* can help, but even that can cause worry because if that is hacked / cracked then ALL passwords are grabbed. Writing it on a piece of paper keeps it closed-looped, but the obvious problem with that applies to the *stolen* theme. The other problem with password storage is that changing them all can be a pain, especially if passwords are stored in multiple places.

    Perhaps it’s just the world we live in and I just have to get used to it. Hah!

  2. It can be very helpful to write down the password(s) you use, but put them in a non-obvious file where other papers are stored. Anything marked “passwords” would be of obvious interest to a thief; a file folder labeled “recipe notes”, for instance, not so much. Then all you have to do is remember what you called that file!

  3. Also, consider this (which just happened)
    Changing the passwords on your desktop / laptop will also affect your mobile devices. I picked up my iPhone and realized it wasn’t collecting mail, not connecting to my bank, finding that I’m *logged out* of certain forums. Obviously it’s because of the password change. The problem here is that a log file on the desktop / laptop may not be available to you all the time. Finding yourself at a cafe and suddenly realizing you don’t know the password to your bank is kinda lame. And all the new passwords are… somewhere else.

    This might support the cloud password theory. If recalling just one pass can get them all (one ring to rule them all) then I might support this over the paper method. In a perfect world, we’d do more than one — or even all the above. However, changing just one pass means going back to all the places where the other passes are stored and editing them.

    Anyway… It took a bit of time, but I recalled my email password (which for Mac’s MobileMe means; email, website, online storage, backup files, calendar events, et.) Now that I think about it… MobileMe is kinda dangerous on its own. Cracking that pass can gain a person access to a LOT of information.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Help us improve this site Send Your Comments