Does your password suck?

login-username-password-screenshotDoes your password suck? Is your password a combination of your kid’s birthday and your dog’s name? If so that’s not as bad as most people’s. The most common password is currently ‘123456’, closely followed by the word ‘password’. There are thousands of crappy passwords in use today. Here’s a list from Splashdata of last year’s 25 most common passwords. Is yours one of these?

123456, password, 12345, 12345678, qwerty,

123456789, 1234, baseball, dragon, football,

1234567, monkey, letmein, abc123, 111111,

mustang, access, shadow, master, michael,

superman, 696969, 123123, batman, trustno1

identity-theft-logo-image-from-shutterstockIf yours is one of these or similar, you should change it right now. The fact is that hackers have compiled lists much larger than this that contain about 80% of all passwords in use. It really doesn’t take a hacker a long time (using not-so-special hardware) to run through this list against any of your online accounts. And the sad fact is that too many people use the same password for some or all of their online accounts. So a hacker gaining access to one of your online accounts gets access to your entire digital life – especially if they can access your email account.

Hackers are so successful with this low-hanging fruit of sucky passwords, that anyone who takes a little more effort to protect their online identity will drastically reduce their chances of being hacked. Just take a few simple steps:

  1. Make passwords long(er) and complicated
  2. use a completely unique password for your email account (and for each online place)
  3. memorize your password(s) or use a password manager

How long? 8 characters used to be long enough, but I’ve said for a long time now that you need at least 13 characters. The more the better.


How complicated? You really must use both lower-case and upper-case letters and include at least one number, and unless you’re not allowed (by the online entity), you should use at least one other type-able character (any non-letter, non-number character you see on your keyboard). And you should not use any recognizable word by itself or letters or numbers repeated or in sequence. I have a decent strategy I laid out in this article which takes a sentence you memorize and turns it into a mnemonic. Another strategy would be to take several unrelated words and string them together with some other characters, such as “twelve4banking&cheetah’. The point being that these are easier to memorize (writing a password down should be inexcusable).

lastpass-logoUnique for each online place? That’s pretty much impossible without using a Password Manager, which also solves the memorization problem. I give you some advice on that in this article. My favorite is LastPass Premium, which costs $12/year. Consider this a cost of having a digital life in the 21st century. A password manager also helps with having to change your passwords regularly (required by many employers).

If you choose to have online accounts and choose to ignore this advice, you’re really asking to have your identity stolen. And that leads to having your credit ruined, your bank account emptied, and your life turned upside-down. It could even cost you your job. Do you really want this? But the sad fact is that this advice is continuing to fall on deaf ears, so I’d like to ask your help. Please spread the word – send this article to folks you know, or print it out and hand it to them, post it on bulletin boards, whatever. In many cases, it’s the person who hasn’t read this yet who’s using a sucky password.

This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via Click or tap to open a new browser tab or your Venmo app and send money via Venmo to @positek (send to @PosiTek), Click or tap to open a new browser tab or your Paypal app to send money via your Paypal account to (send to, Click or tap to open a new browser tab or your Paypal app to send money using your credit card to (no Paypal account required) using any credit card (no Paypal account required), using Zelle, Apple Pay or Google Pay, or by mailing a check or cash to LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thank you!

Go to Top of Page

Leave a Comment

Your email address will not be published. Required fields are marked *

For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

This site uses Akismet to reduce spam. Learn how your comment data is processed.