Attention People of Earth: ‘Password’ is Not an Acceptable Password

The annual list of the most common passwords has just come out, and ‘password’ has been dethroned. It’s now No. 2 on the list, surpassed by the equally secure ‘123456.’ Can you hear me sighing here? Can you?

The list comes from SplashData, and they got a lot of their data this year from an Adobe security breach that resulted in thousands of passwords being posted online. Here’s the list:

  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. abc123
  6. 123456789
  7. 111111
  8. 1234567
  9. iloveyou
  10. adobe123
  11. 123123
  12. Admin
  13. 1234567890
  14. letmein
  15. photoshop
  16. 1234
  17. monkey
  18. shadow
  19. sunshine
  20. 12345
  21. password1
  22. princess
  23. azerty
  24. trustno1
  25. 000000

Now, listen, before you say anything: I know. I know it’s a pain in the you-know-where to come up with secure passwords. I know that some sites require six characters, some require eight, some make you use a number, some make you use a number and a capital letter, and so forth.

I also know that your company’s IT guy wants you to use a random 17-character string as a password, AND he makes you change it every 90 days. I used to manage that IT guy and regularly insisted to him that my small company’s server wasn’t guarding the gold at Fort Knox.

But your password CAN and WILL be stolen. Security breaches are a regular part of the news these days. It’s a risk we take for convenience. Let’s try not to make it too easy for the thieves, shall we? There are ways to come up with a creative, secure password that you can still remember.

Here are my best tips for choosing a password:

1. DO decide where it’s really important. That’s right. I’m gonna tell you right here that I don’t think it’s super important to have a super secure password at every site. For example, I think it’s way more important to have a secure password for my online banking than for logging in to my local newspaper’s site to comment on a story or for ordering a pizza online (provided you don’t store your credit card info with the pizza site). Basically it comes down to this: If getting this password can allow access to my money or some really important data, it’s important. If not, it’s not. So for those less important sites I have a couple of passwords I have been using for years that are less secure.

2. DO have a unique password for online bank accounts, credit accounts, etc. If someone discovers one of these and can steal money from you, you don’t want them to be able to get into the rest. So use a unique password for each of these.

3. DON’T use a single common word (secret, birthday, heart) or a name that others will know is associated with you, like a child or pet, even if you are going to add a number or two. Hackers get more sophisticated every year, and their technology can get past that.

4. DO use words that go together but aren’t necessarily a common phrase, and separate them with a number or a character, like summer$beach#swim or heart3rose7love. That will help you remember it while giving you a character string that is harder to crack.

5. DO use a longer word or phrase and insert characters in the middle of it, like ini45%mitable or dea$#2dline. If you get into a pattern where you insert your character string at the same place (like here, after the third letter), that should help you remember.

The bottom line is that you can still choose passwords you can remember by building them from words, letters and characters that are meaningful to you; you just have to be a little more creative and do it. Do you have any password choosing tips to share?

About Tom Harness

Tom Harness is the owner of Harness Digital Marketing, a digital marketing firm that works with businesses and organizations on Social Media, SEO, and Email Marketing. He is an entrepreneur and business owner with 20 years of combined experience in Education, IT, and Business. Tom is a U.S. Army Veteran and a Southern Illinois University alum. He also enjoys craft beers, his beloved Chicago Cubs, and his family.

Comments

  1. Worked in nursing and with IT at the VA. Your tips are really good. Another one that folks at home really don’t think about: change them often. I change my online banking at least every other month. Another good tip I heard one time was to make up a sentence, one that you can remember, and then use the first letter of every word. One I used for a long time was “I love you very much Gary Frey”: ilyvmgf. If a number is required, it could be a number from the FUTURE, and capital letters just pick the ones. Thanks for the article, this is important.

    • Doris, you are correct, phrases are less likely to be cracked. Example: NowIsTheTimeForAllGoodMen. Your suggestion of using the first letter of every phrase is “brilliant.” Stay safe and keep updating those passwords. A password keeper like KeePass or Apple’s new cloud Keychain is a great way to remember all your passwords across multiple devices.
