The Common Mistakes That Make Your "Strong" Passwords Weak

By Leslie Horn

By now, you probably think you know the drill when it comes to passwords: avoid pets' names, mix up letters, change your password regularly, blah blah blah. We might think we're being clever, but according to State of the Net, the tricks we're using to make our passwords strong these days can actually make us more susceptible to hacks.

State of the Net points out what is pretty much common knowledge these days: hackers use software to crack your passwords, and the longer the password, the harder it is for them to crack. But a long password does not a secure password make. It turns out there are common patterns that people use that end up making passwords more obvious. Per State of the Net, here are three of them:

  • One upper case, then 5 lower case, then 2 digits (Example: Dulith57)
  • One upper case, then 6 lower case, then 2 digits (Example: Abugmar64)
  • One upper case, then 3 lower case, then 4 digits (Example: Itio1981)

It doesn't stop there. If you're doing any of the following, you may want to rethink how you're picking your passwords:

  • Starting with an upper case letter followed by lower case letters
  • When a password isn't long enough, adding a letter or two to the base word
  • Putting digits, especially two or four of them, before or after the letters
  • When a special character is required, using "!" and putting it at the end
  • Not using two special characters in the same password
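To check your own passwords against these habits, the added example below (not from State of the Net or the original article) reduces a password to its character-class structure and reports which of the listed patterns it matches. The function names and the two constructed sample passwords are assumptions for illustration; it only looks for the habits named above and is not a strength meter.

```python
import re

# The three structures listed above as character-class masks:
# U = upper case, L = lower case, D = digit, S = any other character.
LISTED_MASKS = {
    "ULLLLLDD": "one upper case, 5 lower case, 2 digits",
    "ULLLLLLDD": "one upper case, 6 lower case, 2 digits",
    "ULLLDDDD": "one upper case, 3 lower case, 4 digits",
}

def mask(password):
    """Reduce a password to its structure, e.g. 'Dulith57' -> 'ULLLLLDD'."""
    classes = []
    for ch in password:
        if ch.isupper():
            classes.append("U")
        elif ch.islower():
            classes.append("L")
        elif ch.isdigit():
            classes.append("D")
        else:
            classes.append("S")
    return "".join(classes)

def findings(password):
    """List which of the article's predictable habits a password shows."""
    m = mask(password)
    found = []
    if m in LISTED_MASKS:
        found.append("listed structure: " + LISTED_MASKS[m])
    if m.startswith("UL"):
        found.append("upper case letter first, then lower case")
    # A single run of digits directly before or after a single run of letters.
    run = re.fullmatch(r"[UL]+(D+)S*|(D+)[UL]+S*", m)
    if run:
        n = len(run.group(1) or run.group(2))
        found.append(f"{n} digit(s) before or after the letters")
    if password.endswith("!") and m.count("S") == 1:
        found.append("only special character is '!' at the end")
    if m.count("S") < 2:
        found.append("fewer than two special characters")
    return found

if __name__ == "__main__":
    # Article examples plus two constructed samples.
    for pw in ["Dulith57", "Abugmar64", "Itio1981", "Summer2024!", "k#7rq)2vT%x"]:
        print(pw, mask(pw), findings(pw))
```

An empty result only means none of these particular habits were found; it says nothing about length or whether the password has been reused or leaked.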

So, what are you left to do? First of all, State of the Net suggests avoiding relying on password checkers, because they're often just flat wrong on the strength of your passwords. Avoid beginning a password with a capitalised letter; don't create an acronym and use the first word of each sentence as your password; avoid natural words and phrases; don't repeat the same special characters; and don't put numbers next to each other.

Even if you do follow all these instructions, the fact of the matter is, you're not entirely safe from hackers. But at least you'll be a little bit more elusive. [State of the Net via AlterNet h/t TechBlock]

Photo via Computer History Museum