Is Your Dumb Password on This List?

By SB •  Updated: 11/14/20 •  10 min read

Passwords represent the most significant, and sometimes the only, line of defense between strangers and your personal information. So, how do you choose a good password that is easy to remember yet hard for someone else or a computer to guess? Let’s go over some good and bad choices when choosing the perfect password.

Here is an updated list of common passwords discovered in data breaches. This file contains the top 100,000 passwords from the HaveIBeenPwned data set. If you see a password that you use in this list you should change it immediately.

Most inexperienced users will often choose passwords that are contained within this list or other similar listings. People choose passwords that are personal, easy to remember, incorporate birthdays or other important dates in them, and often feature the names of people or pets. So don’t make passwords with any of that.

Such lists (like the one above) are very easy for hackers or other malicious individuals to parse through using a script that tries each one, until they eventually gain access to your personal data.

You know the importance of using strong passwords. But what is a strong password, really? 23r#12YUF734t is easy for a computer to crack, but hard for a human to remember, whereas sentences are hard to crack yet easy to remember. So use passphrases instead of passwords.

And if you’re still using personal information as answers to your security questions, stop! These details can often be easily obtained and used to gain access to your accounts. Don’t type the real answer to “What street did you grow up on?” Use a password manager and save the generated password there, and let it auto-fill on your next visit.

Are You Using Dumb Passwords?

The usage of dumb passwords is, more often than not, the case with novice internet users. 

Apart from using weak passwords, many also tend to use the same passwords for different accounts. This can be disastrous because once a malicious hacker obtains the password for one of your trivial accounts, he will immediately gain access to your other important personal information stored at financial institutions, for example.

Many people use the names of their pets, cars or relatives as their password. This is not a good choice because you are probably not the only person with a specific car model or a unique pet name. Your passwords should always be one-hundred percent unique, no matter what website you’re using.

In case you recognize yourself as someone who has similar thinking when creating a password for their accounts, you are most likely using a dumb password choice.

Using weak passwords is somewhat understandable for new internet users, who are not aware of the potential risks that come with doing so. There are others who are aware of such risks but still don’t mind using obvious passwords. These individuals are convinced that the odds of them being scammed are minimal. “I have nothing to hide,” they say. However, such thinking can be disastrous if they reuse the same password for their hacked accounts as they do on their banking websites.

The most common excuse for using simple passwords is that simple and apparent passwords are much easier to remember than other well-structured passwords. 

The good news is that this study “observed a number of phenomena which run counter to the established wisdom. For example, passwords based on mnemonic phrases are just as hard to crack as random passwords yet just as easy to remember as naive user selections.” So think of phrases with a few words, or a song lyric you associate with the website in question, and use that as a passphrase that is memorable yet hard for a computer to crack.

If you want to free your mind from having to remember passwords, there are many ways you can store your passwords without writing them down on a piece of paper. There are password managers like LastPass, Bitwarden, 1Password or Dashlane. Or just click “Forgot Password” and reset your password each time you want to log in (less convenient, but it adds friction if you’re trying to use Twitter or other social media less).

Browsers also offer to save your passwords, but I don’t put much trust in a browser, especially not one owned by Google. But if you must, Chrome isn’t terrible and is probably better than Firefox’s built-in password manager. In December 2019, Google Chrome released new advanced measures of protecting your passwords while remembering the matching credentials.

All these little features are not enough to fully protect you against malicious online attacks. That is why we will provide you with some fundamental practices you should incorporate when creating a password. Before that, let’s see whether your current password is listed with other bad password choices.

Is Your Dumb Password on this List?

Most Common WIFI passwords:

The website passwordrandom.com offers a list of the most commonly used passwords by internet users. This site allows you to type your password in a textbox, and straight afterward, it will warn you if your password is listed with the other ten thousand passwords.

This feature is great because it also has a scale that increases and decreases when you attempt to change your password. To make things even more comfortable, the exact parameters you need to fulfill to make your password one hundred percent safe are listed below, so you will exactly know what you are doing wrong.

Suppose you don’t want to go through creating your own unique password. In that case, the website also offers the possibility of generating random passwords that fulfill all safety parameters needed for your password to be as safe as possible.

Keep in mind this is only one website, and throughout the internet, many similar websites offer secure password generators.

What is a Bad Password?

While going through lists of commonly used passwords, it’s easy to notice some specific patterns that repeat with most of these passwords. We have already explained some of the novice user’s tendencies when creating a password and the reasoning behind poor password choices. However, it’s important to know the exact elements of a bad password.

A bad password is one that is relatively easy to find out, either by human guessing or by using a brute force attack.

In case you are not familiar with the term “brute-force attack,” this attack means that the hacker will use his computer’s power to enter as many passwords as possible from a specific password list.

Such lists can be found online, as we already saw. However, in some cases, websites sell these password choices to malicious individuals and make it even easier for hackers to access someone’s personal information.

When it comes to bad passwords, some notable characteristics they boast:

These are some of the most common mistakes average individuals make when creating passwords. As we can see, bad passwords have characteristics opposite to the ones decent passwords should have.

In the next section, we will provide information about good ways of creating a strong password and explain other ways of protecting your passwords with additional security measures.

How to Make Your Password Hard to Crack

Now that we know the value of creating a safe password, it’s essential to understand how to create your own strong password.

To make your password safe, it’s vital to make it different from your other passwords and not linked to your personal information. Passphrases and sentences are stronger than single strings of jumbled letters and numbers, and are easier for you to recall.

If you are looking for optimal password security, your password must have specific characteristics we will list below:

The twist is to use nonsense phrases to answer these questions and save the answer in your password manager. What is your mother’s maiden name? You’ll have no idea, and that’s the point.

Apart from these characteristics your password should have, there are other ways of even further securing your password:

SB

I've been practicing OSINT and utilizing Linux as my daily operating system for over twenty years. The tools are always changing and so I'm always learning, but helping you understand the value of protecting your own data remains at the forefront of everything I do.
