
Cybersecurity News, Advice and Opinion

Think you have a 5m4rt P@55w0rd?

Posted by Norman on Apr 1, 2012 9:09:00 AM

Good passwords are easy to remember and hard to guess. Many people, though, fall into the trap of using weak passwords or weak password practices for convenience.

Weak passwords are ones which are easy for someone to guess or easy for a computer to crack. Weak passwords can be ones where you:

  • Use dictionary words
  • Use short passwords which are easy for brute force programmes to determine
  • Use personal information such as your name, birthday, pet name, favorite football team.
  • Use default or standard passwords such as password, password1, qwertyuiop, 12345678, abc123.
  • Use obvious misspellings such as 'passwrod', or abbreviations such as 'pwd1'
  • Use obvious password conventions such as replacing the letter O with zero, or L with 1, S with 5 etc. Pa55word is one of the most common password mistakes people make, and worse still, people often think they are being clever and are more secure because of it.
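
Every pattern in this list can be checked mechanically, which is why Pa55word offers no more protection than password. The Python sketch below is an added example, not code from the original post or from my1login; the word list, the 12-character threshold, the 4 and @ substitutions and the function names are assumptions made for illustration.

```python
import re

# Substitutions named in the post (0->o, 1->l, 5->s); 4->a and @->a are assumed.
LEET = str.maketrans({"0": "o", "1": "l", "5": "s", "4": "a", "@": "a"})
# Default passwords listed in the post.
DEFAULTS = {"password", "password1", "qwertyuiop", "12345678", "abc123"}
# Constructed stand-in for a real dictionary file.
WORDS = {"password", "smart", "football", "welcome", "dragon"}
MIN_LENGTH = 12  # assumed threshold; the post gives no number


def one_swap_away(a, b):
    """True if a becomes b by swapping two adjacent characters."""
    if len(a) != len(b):
        return False
    diff = [i for i in range(len(a)) if a[i] != b[i]]
    return (len(diff) == 2 and diff[1] == diff[0] + 1
            and a[diff[0]] == b[diff[1]] and a[diff[1]] == b[diff[0]])


def weaknesses(password, personal=()):
    """Return the weak-password patterns from the post that apply."""
    found = []
    lowered = password.lower()
    # Candidate forms: as typed, and with a trailing number removed.
    raw = {lowered, re.sub(r"\d+$", "", lowered)}
    # The same candidates with the character substitutions undone.
    plain = {c.translate(LEET) for c in raw}
    if len(password) < MIN_LENGTH:
        found.append("short")
    if lowered in DEFAULTS:
        found.append("default")
    if raw & WORDS:
        found.append("dictionary word")
    elif plain & WORDS:
        found.append("dictionary word with character substitutions")
    elif any(one_swap_away(c, w) for c in plain for w in WORDS):
        found.append("obvious misspelling")
    if any(p.lower() in lowered for p in personal if p):
        found.append("personal information")
    return found
```
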

Weak password practices are those which can expose even strong passwords to third parties, or compound the damage caused by one password being compromised. Some examples of weak practices:

  • Writing passwords down on a Post-it note or storing them in your phone
  • Entering passwords in a Word or Excel document. Even if you delete that file there will still be a recoverable imprint of it on the computer.
  • Emailing passwords to yourself or others. Your email hosting company can read all of your emails. All it takes is one unscrupulous employee to go into your account and they have access to read your emails and any passwords you’re sending within.
  • Having the same or a similar password for everything. The Playstation hack resulted in many gamers' accounts outwith PSN being hacked as they had signed up to PSN using the email address and the same password that was actually used for their email account. Once the hackers had access to the gamer's email account they were able to request password reminders from a multitude of websites and obtain access.

my1login helps protect against the use of weak passwords and weak password practices.

As you no longer have to remember passwords for all your websites, you are free to make them strong and unique. Using my1login, a typical password for your Gmail account could be "$~dY>zD9n_+J]SkMZoPlZhBZ3" and a typical password for your Facebook account could be "DCTt8B-4J#F$Hxssv7}3k)oax". The length and entropy of these passwords make them extremely strong, and using different passwords for all your sites means that should any remote site be compromised, no other site of yours would be affected.

Using my1login also does away with the need to rely on insecure practices such as writing passwords down or storing them in documents, spreadsheets or even on your phone. Passwords can also be securely shared using my1login, meaning you'll never need to email a password or select a weak password because it's simply easier to convey.

www.my1login.com
