{"id":5211,"date":"2022-10-02T06:00:18","date_gmt":"2022-10-02T13:00:18","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=5211"},"modified":"2023-12-13T23:49:33","modified_gmt":"2023-12-14T07:49:33","slug":"4-types-of-passwords-you-shouldnt-create-unless-you-want-your-account-hacked","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/4-types-of-passwords-you-shouldnt-create-unless-you-want-your-account-hacked\/","title":{"rendered":"4 Types of Passwords You Shouldn\u2019t Create (Unless You Want Your Account Hacked)"},"content":{"rendered":"

\"\"<\/a><\/p>\n

The passwords you use to secure online accounts are essential, and if you use simple passwords, cybercriminals can guess them and access your accounts. They can steal your identity, access your email, and empty your bank account. Large data breaches are common, and the credentials of billions of accounts are easily accessible. (Want to check yours? Got to haveibeenpwned<\/a> and enter your email or phone number, to see if they show up in known data breaches.)<\/p>\n

So what can you do when faced with all of these breaches? There are two concerns. The first is that your account on one of these sites may be compromised. You can generally resolve that problem by changing your password for the affected sites as soon as a breach is announced.<\/p>\n

The second problem is more serious. If you use the same user name and password on multiple sites, breaches like this could give cyber-criminals the keys to access much of your data. Since they can use \u201cbrute-force\u201d methods to attempt to log into many websites and services, they can try millions of user name \/ password combinations to find the ones that work.<\/p>\n

Here are some tips on how not<\/em> to create secure passwords. (Don\u2019t worry, I\u2019ll link to another article detailing how to create secure passwords to protect your user accounts, but for now enjoy this Password Selection Hall of Shame.)<\/p>\n

Password Fail #1: Use a Simple Password<\/h3>\n

One thing that password breaches in the past have shown us is that the most widely used passwords are the dumbest. Here are some of the most common passwords:<\/p>\n

    \n
  1. 123456<\/li>\n
  2. password1<\/li>\n
  3. 123456789<\/li>\n
  4. password<\/li>\n
  5. iloveyou<\/li>\n
  6. qwerty<\/li>\n
  7. 1q2w3e<\/li>\n
  8. qwertyuiop<\/li>\n
  9. 12345678<\/li>\n
  10. abc123<\/li>\n<\/ol>\n

    This Wikipedia page<\/a> has several lists of commonly used passwords; I hope yours isn\u2019t there!<\/p>\n

    It turns out that you have a good chance of getting into many peoples\u2019 accounts – and computers – by just typing \u201c123456.\u201d Or even \u201cpassword.\u201d Or just the six letters on the top row of a keyboard, \u201cqwerty.\u201d Use something uncommon and you\u2019ve reached first base.<\/p>\n

    Password Fail #2: Use a Password That\u2019s Easy to Guess<\/h3>\n

    Let\u2019s say you have a son named Chauncey. When you\u2019re asked for a password that has to be at least 8 characters long, you figure it\u2019s a good idea to use his name. But anyone who can view your Facebook page will see a picture with him, with a comment such as, \u201cHere\u2019s Chauncey on the beach.\u201d That is a pretty obvious clue; many people use the names of their children, their pets, or their favorite sports team as a password. And these are easy enough to find as we publish more and more of our private lives in public forums.<\/p>\n

    You might think that adding a digit at the end could make the password more secure; so you use \u201cchauncey1,\u201d that\u2019s not hard to figure out either.<\/p>\n

    Skip this idea, and you get to second base.<\/p>\n

    Password Fail #3: Use the Date of Your Wedding (or Birthday, or Child\u2019s Birthday\u2026)<\/h3>\n

    So you got married on 6\/23\/2004. Since many sites require that you use at least eight characters for a password, you can change this to 06232004; that\u2019s certainly a password you\u2019ll never forget. That would be a good password, right? Not really. First, it\u2019s pretty easy to find; there are all sorts of databases containing that kind of information. Second, plenty of friends and co-workers know the date of your anniversary. Pictures on your Facebook page, details on your personal blog, or tweets like, \u201cHappy anniversary to my sweetheart\u201d are all giveaways. The same goes for your birthday, your child\u2019s birthday, your spouse\u2019s birthday, and so on.<\/p>\n

    If you don\u2019t use well-known or easy-to-guess dates as your password, congratulations, you\u2019ve just advanced to third base.<\/p>\n

    Password Fail #4: Use the Same Password on Many Web Sites<\/h3>\n

    It\u2019s a lot easier to remember one password than dozens of different ones, right? So you come up with one really good password and you use it everywhere: Facebook, Twitter, Amazon, eBay, PayPal\u2026 What if you\u2019ve used it on websites that have been breached? This is the main reason why cyber-criminals want to harvest passwords. If they get a user name and password and then find that it works on other web sites, they can usurp your identity, and perhaps even liquidate your assets. They can even buy things using your credit card – which is stored on, say, Amazon – and have them shipped to their addresses.<\/p>\n

    If you avoid these four password failures, you\u2019re well on your way to hitting a secure password home run.<\/p>\n

    In another article, I\u2019ll tell you how you can easily create secure passwords to protect your accounts and better safeguard your personal information.<\/p>\n

    How can I learn more?<\/h3>\n

    \"\"<\/a>Each week on the Intego Mac Podcast<\/strong><\/a>, Intego’s Mac security experts discuss the latest Apple news, including security and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to follow the podcast<\/strong><\/a> to make sure you don\u2019t miss any episodes.<\/p>\n

    You can also subscribe to our e-mail newsletter<\/strong><\/a> and keep an eye here on The Mac Security Blog<\/strong><\/a> for the latest Apple security and privacy news. And don’t forget to follow Intego on your favorite social media channels: \"Follow<\/a>\u00a0\"Follow<\/a>\u00a0\"Follow<\/a>\u00a0\"Follow<\/a>\u00a0\"Follow<\/a>\u00a0\"Follow<\/a>\u00a0\"Follow<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

    In order to understand how to make secure passwords, you should understand what makes a weak password. <\/p>\n","protected":false},"author":46,"featured_media":35584,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13],"tags":[353,106,1849],"yoast_head":"\n\n\n\n\n\n\n\n\n\n\n\n\n\t\n\t\n\n\n\t\n\t\n\t\n