Does your password suck?

Does your password suck? Is your password a combination of your kid’s birthday and your dog’s name? If so, that’s not as bad as most people’s. The most common password is currently ‘123456’, closely followed by the word ‘password’. There are thousands of crappy passwords in use today. Here’s a list from Splashdata of last year’s 25 most common passwords. Is yours one of these?

123456, password, 12345, 12345678, qwerty,

123456789, 1234, baseball, dragon, football,

1234567, monkey, letmein, abc123, 111111,

mustang, access, shadow, master, michael,

superman, 696969, 123123, batman, trustno1

If yours is one of these or similar, you should change it right now. The fact is that hackers have compiled lists much larger than this that contain about 80% of all passwords in use. It really doesn’t take a hacker a long time (using not-so-special hardware) to run through this list against any of your online accounts. And the sad fact is that too many people use the same password for some or all of their online accounts. So a hacker gaining access to one of your online accounts gets access to your entire digital life – especially if they can access your email account.


Hackers are so successful with this low-hanging fruit of sucky passwords that anyone who takes a little more effort to protect their online identity will drastically reduce their chances of being hacked. Just take a few simple steps:

  1. Make passwords long(er) and complicated
  2. Use a completely unique password for your email account (and for each online place)
  3. Memorize your password(s) or use a password manager

How long? 8 characters used to be long enough, but I’ve said for a long time now that you need at least 13 characters. The more the better.

How complicated? You really must use both lower-case and upper-case letters and include at least one number, and unless you’re not allowed (by the online entity), you should use at least one other type-able character (any non-letter, non-number character you see on your keyboard). And you should not use any recognizable word by itself, or letters or numbers repeated or in sequence. I have a decent strategy I laid out in this article which takes a sentence you memorize and turns it into a mnemonic. Another strategy would be to take several unrelated words and string them together with some other characters, such as “twelve4banking&cheetah”. The point being that these are easier to memorize (writing a password down should be inexcusable).
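The length and complexity rules above, together with the list of 25 common passwords, written as a checker you can run locally. This is an added example, not code from the original article; the function names and the three-character threshold for "repeated or in sequence" are assumptions.

```python
import string

# The 25 most common passwords listed in this article.
COMMON = set("""123456 password 12345 12345678 qwerty 123456789 1234 baseball
dragon football 1234567 monkey letmein abc123 111111 mustang access shadow
master michael superman 696969 123123 batman trustno1""".split())

MIN_LENGTH = 13   # the article's minimum length
RUN_LENGTH = 3    # assumption: flag 3+ repeated or sequential characters


def has_run(pw, n=RUN_LENGTH):
    """True if pw has n identical letters/digits in a row, or n letters/digits
    in ascending or descending order (abc, 321). Case is ignored."""
    p = pw.lower()
    for i in range(len(p) - n + 1):
        chunk = p[i:i + n]
        if not chunk.isalnum():
            continue
        steps = {ord(b) - ord(a) for a, b in zip(chunk, chunk[1:])}
        if steps in ({0}, {1}, {-1}):
            return True
    return False


def check_password(pw):
    """Return the list of rules that pw breaks (an empty list means it passes)."""
    problems = []
    if pw.lower() in COMMON:
        problems.append("on the common-password list")
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not any(c.islower() for c in pw):
        problems.append("no lower-case letter")
    if not any(c.isupper() for c in pw):
        problems.append("no upper-case letter")
    if not any(c.isdigit() for c in pw):
        problems.append("no number")
    if not any(c in string.punctuation for c in pw):
        problems.append("no other keyboard character")
    if has_run(pw):
        problems.append("repeated or sequential characters")
    return problems


if __name__ == "__main__":
    # Constructed samples; the last is the article's example with a capital added.
    for sample in ("123456", "Password1234!", "Twelve4banking&cheetah"):
        print(sample, "->", check_password(sample) or "ok")
```

The check runs entirely on your own machine, so the password being tested never leaves it.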

Unique for each online place? That’s pretty much impossible without using a Password Manager, which also solves the memorization problem. I give you some advice on that in this article. My favorite is LastPass Premium, which costs $12/year. Consider this a cost of having a digital life in the 21st century. A password manager also helps with having to change your passwords regularly (required by many employers).

If you choose to have online accounts and choose to ignore this advice, you’re really asking to have your identity stolen. And that leads to having your credit ruined, your bank account emptied, and your life turned upside-down. It could even cost you your job. Do you really want this? But the sad fact is that this advice is continuing to fall on deaf ears, so I’d like to ask your help. Please spread the word – send this article to folks you know, or print it out and hand it to them, post it on bulletin boards, whatever. In many cases, it’s the person who hasn’t read this yet who’s using a sucky password.
