A question that you're probably wondering about using passwords on your computer and the Internet is: how do I make a strong password? As part of answering that question, we're first going to show you some common passwords that people use that aren't very strong. We will explain what makes these passwords weak, so that hopefully when we explain the factors that contribute to a strong password, they will make more sense in the context of why passwords are weak when those factors aren't present.
Types of bad passwords
Short passwords
Examples: 1234, golf, asdf, abcd
Why they're bad: Simply put, these passwords are bad because they're too short. This means that a hacker only has to figure out a pattern of a few characters in order to crack your password and intrude into your account.
Number patterns
Examples: 123456, 111111, 123123
Why they're bad: The first reason that these types of passwords are bad is because, as patterns, they're easy to predict. This means that a hacker may only have to figure out a few characters of the password before they can simply guess the rest. The other problem with these types of passwords is that they only consist of numbers. This means that for each character, a hacker only has to guess from between 10 possibilities (i.e. each digit from 0 to 9).
Commonly-used words
Examples: dragon, mustang, football, shadow, password
Why they're bad: Like with number patterns, these passwords are weak because they only consist of letters. This means that, for each character in the password, a hacker only has to guess from between 26 possibilities (i.e. every letter from "a" to "z"). And again, they're easily-recognizable patterns that hackers can easily guess based on only a few clues.
Note that "password" is especially obvious, and is considered one of the worst passwords ever. So please do yourself a favour and never use it as your password. Thanks.
Common phrases and abbreviations
Examples: iloveyou, letmein, trustno1
Why they're bad: While these types of passwords are somewhat stronger than single words, they're still fairly weak. This is not only because the words that they're made up of are recognizable patterns, but also the sequences of words are recognizable patterns themselves. Also, many of these passwords are only made up of letters, which limits the number of possibilities that a hacker has to guess for each character.
Personal information
Examples: robert1955, geneva1967, mary70
Why they're bad: There are many places both on and off the Internet that require you to provide your personal information, or where you may give it out willingly in the interest of being social. If you have a computer password that is based on something like your name, age, birth year, and/or hometown, it won't be hard for someone who is even vaguely familiar with you or someone you know to guess it.
In addition, many of these types of information are recognizable patterns that a hacker can deduce easily. Then, not only does a stranger have access to one of your accounts, but they also have a clue as to the identity of you, a friend, or a family member.
Keyboard patterns
Examples: qwertyuiop, zxcvbnm, 1qaz2wsx
Why they're bad: At first glance, these passwords might actually look quite strong, as none of them appear to be in any particular pattern. However, take a close look at your keyboard, and you'll understand why they're bad. The first two examples are just the first and third rows of letters across your keyboard spelled out, and the third one is the first two columns of letters and numbers on your keyboard spelled out.
Thus, while seemingly random, these passwords do in fact follow easily-recognizable patterns that hackers can pick up on and use as clues to break them.
If any of your passwords are similar to the ones that we've listed here, don't panic! In our next lesson, we'll teach you how to construct a password that's tougher to crack. And in our later lessons, we'll teach you some general ways to change or reset a password on one of your accounts and replace it with a stronger one.
