123456: How Easy Are Your Passwords?

Posted on March 20, 2022Comments Off on 123456: How Easy Are Your Passwords?

Remembering passwords is a skill and we are mostly not gifted. When I started using gadgets and signing up to mediums that require passwords, I used only figures. I just wanted passwords that I can remember, so I used important figures in my life. Like the year I left high school and the year my favorite drama was released. Then I decided to use a second password in order not to put all my password eggs in one security basket. This time, I chose only letters, my nickname, let’s say “Rose”. Now when I log in with Rose and I am told wrong password, I put 2001.

Later, passwords evolved as hackers got wiser. Mediums now required at least six characters. So I gave them eight. rose2001. Some mediums are case sensitive: Rose2001. Some mediums require a symbol: Rose@2001. I began to use a series of suffices: 1974, 1886, 0101, 2020, 1759, etc.

You will be shaking your head now at how unsmart I am but I have seen worse.

Easy Passwords

Some use their birthday as password 032292

Some use their phone number, 2015552301

Some use their phone numbers spelled backward, 1032555102

Some use their real name, Rosemary

Some use their town, Newark

Some use their daughter’s name, Annabel

Some use a random word in the dictionary, Wailing

Some use sequential numbers 123456

Some use sequential letters qwerty

Or both qwerty123

Or !@#$%^&*()

Don’t laugh, some use password as their password. Or mypassword.

And many more. And the word you used above is not the right word: It is not about being smart or not. It is laziness and a feeling of carefreedom that comes from not carrying the national secret on your head. What is the worse thing that would happen if you hack into my Instagram or Facebook? You may find a conversation with Chloe where we said that your cousin has bad breath. What else? There are no nuclear codes anywhere.

So at a stage of my life, Social Media gossip and passing flirting were my biggest secrets. When your credit card balance depresses, you don’t keep awake looking for impregnable passwords.

How hard should your password be?

No matter how hard your password is, some computer can crack it. But the question is how soon? I used this tool to check the difficulty of the passwords above and it takes a computer microseconds, milliseconds,  and instantly to crack them. The most difficult password above, Rose@2001 will be cracked in 16 hours. Adding @ to this will require one month to crack.

Did you know: Dead people can get goosebumps

In contrast, this computer-generated password VhGVlQvUBMuUCNX will take a computer 44 million years to crack it according to the tool above. Removing a character will reduce the difficulty to 837 thousand years, removing two digits will reduce the difficulty to 16 thousand years. One more word removed will give you 300 years, then 6 years. If I remove another word, it will fall to a mere one month which is still good enough for your secret Twitter account.

So if you cannot think of a random combination that would create a great password, there are tools online that can help you. Or you can ask the medium to help you. WordPress, for instance, will generate a password for you. The problem is remembering. I used to write down all my passwords in a passworded-MS word document without the last character. So to get the password to my Amazon account, for instance, you need to crack pass my PC password. Then you need to crack the document carrying my passwords which is hidden in a folder that has to do with recipes. After this, you will see the passwords but you need to guess the last characters.

Exhausting even to me, the owner.

Today, there are people who kick against system-generated passwords because they fear the medium keeps a copy. But it is not a big deal as the medium can always get into your account whenever they want. They don’t even need your password. A court order will serve. But except you are involved in a crime, the system ability to know your password should not worry you. This is why you should use only trusted organizations. And the fact that you can sue them for any breach of data should bring you some form of comfort.

There are a number of password managers out there including Dashlane, Keepass, Lastpass, 1Password, etc.

Boxes to tick when creating a stronger password

12 characters (at least)

A mix of upper and lower cases

A combination of letters, numbers, and symbols

Avoid dictionary words in your combination (if you must they shouldn’t make sense as a whole)

It should not be a password you already use elsewhere

Image: Pocket-Lint