Pearl Technology Blog

6 Worst Password Ideas You Should Avoid

Posted on 2/1/2019 by Pearl Technology in Passwords cybersecurity

Don’t be so obvious.

In the Mel Brooks classic Spaceballs, there’s a scene where the main villain, Dark Helmet, remarks on the stupidity of using a password like “12345,” calling it the kind of password an idiot would use on his luggage lock.

When the evil President Skroob hears the password, he exclaims, "That's amazing! I've got the same combination on my luggage!"

Unfortunately, not enough people have heard Dark Helmet's criticism, and many put as much effort into creating their passwords as President Skroob did. As we've said before, a good password is your first line of defense against cyberattacks. So, why wouldn't you put a little effort into it?

We talk about passwords so much because it's an important issue that bears repeating over and over. But what does it mean when we say you should use "good passwords"? Simply put, it means avoiding any of the following ideas.

1. The Numbers Game

As Dark Helmet said, a password like "12345" or any variation of successive numbers simply isn't going to cut it. Passwords like this can be guessed remarkably easily, and are unfortunately the most common error users make. In fact, according to internet security firm SplashData's annual most common passwords list, passwords such as "12345" made up six of the top 10 in 2018, with "123456" holding a top spot since 2013.

2. The Password Is 'Password'

You wouldn't name your child "Child." Just like "12345," the password "password" is easy to crack and distressingly common—SplashData has it ranked as the second-most common password—which, compounded with its simplicity, makes it a truly dreadful password choice.

3. Playing the Short Game

One of the factors that makes "password" such an awful password is its length; it's just way too short. The same could be said for other common passwords like "sunshine," "qwerty," or "iloveyou." Not only are they too common, but their length and simplicity make them way too easy to guess. A word of advice: If you can find your password in the dictionary, it's not good enough.

4. Be a Good Sport

You may be a diehard sports fan, but you shouldn't let your favorite team affect your password too much. Not only is that information readily available, but simply "bears" or "packers" as passwords aren't nearly strong enough to stop a cyberattack blitz. The same goes for more general terms like "football" or "baseball." If you must have a sports-based password, use plenty of variety (capital letters, numbers, and special characters) and make it an obscure piece of sports lore. If you're that much of a sports fan, you should have no problem coming up with that.

5. 'Open Sesame'

The common trope goes like this: After trying so many different passwords, the user will exclaim something like, "I give up!" to which the computer will reply, "Password accepted." Cracking your data shouldn't be that easy though. If you're relying on passwords like "idontknow," "igiveup," or "letmein," you're just rehashing the same problems we've mentioned previously (no variety, too short, too common). Your password should be easy for you to remember, but it shouldn't be easy for hackers.

6. Who Do You Love?

It's great that you love your family, but don't let that love blind you when it comes to cybersecurity. If you're using your kids' names or your wife's name as a password, you're setting yourself up for an attack. Anyone who knows you will be able to guess your password, and if they don't, they can just find it on social media, if you haven't locked that down already.

Now What?

If you're using any of the types of passwords we mentioned here, don't see this as an attack on you. Rather, look at these suggestions as opportunities to prevent attacks. Run an audit of all your passwords, and if they match any of the types listed above, then it's time to switch them up. A great tool you can use is Dashlane's How Secure Is My Password?, which will grade your password as you enter it (data is not stored on the website) and will even tell you how long it will take for a computer to crack the code.
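The audit described above can also be run locally, so the passwords never leave your machine. The following Python sketch is an added example, not Pearl Technology's or Dashlane's code; it flags a password against the six categories in this article. The word lists hold only the examples named above, and the 12-character minimum, the `personal_names` and `dictionary` parameters, and the sample accounts are assumptions made for the illustration.

```python
import re

# Word lists contain only the examples the article names; extend them yourself.
COMMON_WORDS = {"sunshine", "qwerty", "iloveyou"}
SPORTS_WORDS = {"bears", "packers", "football", "baseball"}
GIVE_UP_PHRASES = {"idontknow", "igiveup", "letmein"}
MIN_LENGTH = 12  # assumption: the article gives no minimum length

def is_digit_sequence(s):
    """True for all-digit strings stepping by one, up or down (12345, 987654, 7890)."""
    if len(s) < 3 or not s.isdigit():
        return False
    steps = {(int(b) - int(a)) % 10 for a, b in zip(s, s[1:])}
    return steps in ({1}, {9})

def audit(password, personal_names=(), dictionary=frozenset()):
    """Return the article's categories (by number) that this password falls into."""
    lowered = password.lower()
    letters = re.sub(r"[^a-z]", "", lowered)  # ignore digits/symbols tacked onto a word
    findings = []
    if is_digit_sequence(password):
        findings.append("1: successive numbers")
    if letters == "password":
        findings.append("2: the word 'password'")
    if len(password) < MIN_LENGTH or letters in COMMON_WORDS or lowered in dictionary:
        findings.append("3: too short, common, or a dictionary word")
    if letters in SPORTS_WORDS:
        findings.append("4: sports team or term")
    if letters in GIVE_UP_PHRASES:
        findings.append("5: 'give up' phrase")
    if any(name.lower() in lowered for name in personal_names if name):
        findings.append("6: family member's name")
    return findings

def audit_all(vault, personal_names=()):
    """Map account -> findings, keeping only the accounts that need a new password."""
    results = {acct: audit(pw, personal_names) for acct, pw in vault.items()}
    return {acct: found for acct, found in results.items() if found}

if __name__ == "__main__":
    # Constructed sample data: accounts and passwords are made up for the demo.
    sample = {"luggage": "12345", "email": "Packers2019!", "router": "letmein",
              "bank": "correct-horse-battery-staple", "photos": "Emma&Noah4ever!!"}
    for account, found in audit_all(sample, personal_names=["Emma", "Noah"]).items():
        print(f"{account}: change it ({'; '.join(found)})")
```

An empty result only means the password matched none of these six patterns; it is not a measure of strength.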

Remember, your password is your first line of defense. Make it as strong as possible.

This article is for informational purposes only.