Deciding on a Safe Password

by techtiptom

Originally posted on on 07/20/2009:

Most people are clueless as to how accounts are hacked, and their passwords reflect that. If your password has anything in common with the most common passwords below, you have a weak password. This list is meant to help people choose a strong password and possibly help site administrators understand the risks.

Most Common Passwords

1. 123456, 123, 123123, 01234, 2468, 987654, etc
2. 123abc, abc123, 246abc
3. First Name
4. Favorite Band
5. Favorite Song
6. First letter of given name, then surname
7. qwerty, asdf, and other keyboard rolls
8. Favorite cartoon or movie character
9. Favorite sport, or sports star
10. Country of origin
11. City of origin
12. All numbers
13. Some word in the dictionary
14. Combining 2 dictionary words
15. Any of the above spelled backwards
16. aaa, eee, llll, 999999, and other repeat combinations

Common Extensions

Some sites force you to have passwords with both numbers and letters. For example, Bob’s password is football, and the site asks him to add some numbers to it to make it valid. Here’s what people usually add:

1. Their year of birth / marriage / graduation (or expected grad) from HS or college
2. 007
3. 0 – 9
4. 69
5. 000, 111, 4444 or other long combinations
6. 123456, 123, 123123, 01234 and other trivial combinations

Years are usually added in different ways: football85, football1985, football04 instead of football4. There’s also the possibility of separators, as in football_04 and football-84. Many sites require both numbers and letters, and people tend to want the same password for everything, so these extended forms are the more likely occurrence.
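The two lists above, turned into a check a site administrator could run when a user picks a password. This is an added example, not part of the original post; the word list, the `weakness` function and the suffix pattern are constructed for illustration and cover only part of the lists.

```python
import re

# Constructed sample word list. A real check would load a full dictionary and
# add per-user terms (name, city, favorite band) from the account profile.
BASE_WORDS = {"football", "batman", "metallica", "chicago", "soccer"}
KEYBOARD_ROLLS = ("qwerty", "asdf", "zxcv", "qazwsx")
SEQUENCES = ("abcdefghijklmnopqrstuvwxyz", "zyxwvutsrqponmlkjihgfedcba")

# "Common Extensions": optional _ or - separator, then a 2- or 4-digit year
# (which also covers 69), 007, a single digit, a repeated digit, or a count-up.
SUFFIX = re.compile(
    r"[_-]?(?:(?:19|20)?\d{2}|007|\d|(\d)\1+|123(?:123|456)?|01234)$"
)


def weakness(password, user_terms=()):
    """Return which pattern from the lists the password matches, or None."""
    p = password.lower()
    words = BASE_WORDS | {t.lower() for t in user_terms}
    if p.isdigit():
        return "all numbers"
    if re.fullmatch(r"(.)\1+", p):
        return "repeated character"
    if any(roll in p for roll in KEYBOARD_ROLLS):
        return "keyboard roll"
    # Strip one trailing extension and any leading digits (football_04, 123abc).
    stem = SUFFIX.sub("", p).lstrip("0123456789")
    if len(stem) >= 3 and any(stem in seq for seq in SEQUENCES):
        return "letter sequence"
    if stem in words or stem[::-1] in words:
        return "known word" if stem == p else "known word plus extension"
    if any(stem.startswith(w) and stem[len(w):] in words for w in words):
        return "two known words combined"
    return None


if __name__ == "__main__":
    for pw in ("football1985", "football_04", "llabtoof", "246abc", "xk7!pQz2m"):
        print(pw, "->", weakness(pw))
```

Passing the user's own name, city and similar profile fields as `user_terms` lets the same check cover the personal items in the first list.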

My Opinion on an Ideal Password

Mixed numbers and letters over 8 characters long. Memorize it once, use it forever. For example, use a favorite song title and change some of the letters for numbers and inter-mix some capital letters:

To Sir With Love (the theme from the 1967 film; originally recorded by Lulu.)

T0s1rwithl0v3


That’s a capital T, a zero, a lowercase “s”, the number 1, a lowercase “r”. Then “with” spelled out (all lowercase), a lowercase “l” (looks just like a one!), another zero, a lowercase “v”, and finally the number 3. Let them try to hack that one!!!