7 Reasons Your Password Security Is Weak

You may feel like your password is safe because it uses letters, numbers, and an ampersand, but don't be so sure. Here, secrets to why your secure account is more hackable than you think.

By Damon Beres
  • Loading

    Your Password is "Password"

    Amazingly, "password" was the most popular password in 2012—according to hackers who stole millions of them. Also popular: "123456" and its neighbor "12345678," "welcome," "letmein," and "jesus."

    You Didn't Check Its Strength First

    The Password Meter is a handy resource when setting up new accounts or changing your login info. It plugs your password into a formula and shows you exactly what its greatest strengths are (not enough symbols, eg) and weaknesses (sequential letters), thereby allowing you to tweak it to perfection.

    You Use the Same Password For Everything

    Well, someone got into your email and saw your Facebook post responses, and an account statement from Your Bank. But hey, at least yourbank.com login info is different, right? ... Right?

    Your Security Question is Obvious

    Sites will often ask you to provide a security question and answer for use when you forget your password. Try for something complex or personal so nefarious types can't figure out the answer with a simple Google search—McAfee suggests a question like, "How was your first kiss?" with a quirky answer only you would think of ("Rocked it like a hurricane!").

    You Didn't Use the Space Bar

    Many sites and programs don't actually allow you to use a space in your password, which is exactly why it's valuable to do so when you can. Anyone trying to guess at your password may not even think to tap on the space bar.

    It's Not Long Enough

    Security experts say your password should be 12-14 characters long if possible—similar to the use of spaces, many services don't allow such length, which can provide a security boost.

    You Don't Use Two-Factor Authentication

    Here it is, the Big Bertha of security tips. Every time you log into a website or email client, you type the same ol' string of characters—not exactly hacker-proof, especially if you use the same password across platforms. Two-factor authentication helps.

    It's basically what it sounds like: After typing your password, sites and services that use two factors ask you to present an additional piece of information. Most likely, you have a separate program or physical device, also known as a "token," that presents randomly generated numbers and communicates with the website or software you're accessing, allowing you an extra layer of security.Type your password, get the random numbers from your token, and type those in to move along.

    Think a token sounds niche? Consider this: A few years ago, Blizzard—the gaming company behind massively successful titles like World of Warcraft and Diablo—introduced a $6.50 "authenticator" device for users in an effort to stop hackers from stealing items and in-game currency. Gmail offers a similar service, as do various other email clients and social networks.

    POPULAR RIGHT NOW

    Become more interesting every week!

    Get our Read Up newsletter

    Sending Message
    how we use your e-mail

    Your Comments