I’ve been using my dog’s name as my password and my colleague was really sarcastic about how dumb that was. Okay, what makes a good password, Dave?
Your dog’s name, your child’s name, an easy-to-enter pattern on a keyboard: all of those are indeed poor passwords, even though you may think “how could a bad guy know the name of my dog?” The problem is that it’s not some unkempt hacker in their mom’s basement trying to figure out your password, it’s a software program with access to a huge dictionary of not just the English language but common names, variations, reversed words, and more.
In fact, a company called SplashData analyzed passwords from millions of accounts by digging through hacked and then released datasets from big companies. And out of those millions of accounts, the most common password they found was “123456”. So on the bright side, at least your dog name is harder to guess than that!
Also in the top ten are “password”, “12345”, “12345678”, “qwerty”, “123456789”, “1234”, “baseball”, “dragon” and “football”. You can read the entire list if you’d like, it’s quite interesting actually.
But let’s talk about passwords. Go to change your password on your Windows 10 system, for example, and it prompts you as usual:
Certainly that key icon fills me with confidence. I mean keys, padlocks, security, right? But click on “Change” and once you’ve validated your own account, it’s clear that there’s not much guidance from Microsoft on how to pick a good password:
Try to enter a bad account password – like my attempt with “1234” – and rather than just accept it, Windows 10 will complain and offer some suggestions:
On the Mac side, it’s a similar sort of thing:
But see that tiny key icon on the Mac window? Click on it and up pops one of the least known features of MacOS X: The Password Assistant:
It’s quite a neat feature and makes it really easy to quickly generate a strong, impossible to guess password that you still have some chance of remembering. In the above you can see it’s suggesting a good quality password of “Verne33!awol” which meets all the best practice rules for passwords.
And what are those rules? Here’s what you should aim to have with every password:
- Upper and lower case letters
- One or more digits
- Punctuation symbols
Longer passwords are always more secure too, so instead of aiming for the minimum length, try something a few characters longer.
If your dog is named Bailey, for example, then “H1Bailey!!” would be a good, simple, easy to remember password that’s still difficult to guess or crack. Not too difficult, and that’ll get your colleague off your back about passwords!
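The rules above can be turned into a small checker. This is an added example, not code from the original article; the function names, the `known_words` parameter and the minimum length of 8 are assumptions, since the article names no specific minimum.

```python
import string

# The ten most common passwords quoted in the article (SplashData list).
COMMON = {"123456", "password", "12345", "12345678", "qwerty",
          "123456789", "1234", "baseball", "dragon", "football"}

MIN_LENGTH = 8  # assumption: the article names no specific minimum


def variants(word):
    """Case-folded forms a dictionary-based guesser would try: as-is and reversed."""
    w = word.lower()
    return {w, w[::-1]}


def check_password(pw, known_words=()):
    """Return a list of problems; an empty list means the article's rules are met.

    known_words: names tied to the user (pet, child), supplied by the caller.
    """
    problems = []
    folded = pw.lower()
    if folded in COMMON:
        problems.append("on the most-common list")
    if any(folded in variants(w) for w in known_words):
        problems.append("is a known name or its reverse")
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not any(c.islower() for c in pw) or not any(c.isupper() for c in pw):
        problems.append("needs both upper and lower case letters")
    if not any(c.isdigit() for c in pw):
        problems.append("needs one or more digits")
    if not any(c in string.punctuation for c in pw):
        problems.append("needs a punctuation symbol")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, including the two passwords the article suggests.
    for candidate in ["Bailey", "yeliab", "1234", "H1Bailey!!", "Verne33!awol"]:
        issues = check_password(candidate, known_words=["Bailey"])
        print(f"{candidate!r}: {'OK' if not issues else '; '.join(issues)}")
```

The checker only flags a password that is exactly a known name or its reverse, so it tests the article's rules and nothing stricter.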