Share on Facebook

A Trusted Friend in a Complicated World

9 Reasons Your Password Is Going to Get You Hacked

You may feel like your password is safe because it uses letters, numbers, and an ampersand, but don't be so sure. Here, secrets to why your secure account is more hackable than you think.

1 / 9
9 Reasons Your Password Is Going to Get You HackedEugenio Marongiu/Shutterstock

Your password is “Password”

Amazingly, “password” always ends up in a top spot of the most popular passwords, according to hackers who stole millions of them. Also popular: “123456” and its neighbor “12345678,” “welcome,” “letmein,” and “jesus.”

2 / 9
9 Reasons Your Password Is Going to Get You HackedTatyana Chaiko/Shutterstock

You didn’t check its strength first

The Password Meter is a handy resource when setting up new accounts or changing your login info. It plugs your password into a formula and shows you exactly what its greatest strengths are (symbols) and weaknesses (sequential letters), thereby allowing you to tweak it to perfection. Don’t miss these other online safety secrets that hackers don’t want you to know.

3 / 9
9 Reasons Your Password Is Going to Get You HackedMinDof/Shutterstock

You use the same password for everything

Well, someone got into your email and saw your Facebook post responses and an account statement from your bank. But hey, at least login info is different, right? … Right? 

4 / 9
9 Reasons Your Password Is Going to Get You HackedAfrica Studio/Shutterstock

Your security question is obvious

Sites will often ask you to provide a security question and answer for use when you forget your password. Try for something complex or personal so nefarious types can’t figure out the answer with a simple Google search—McAfee suggests a question like, “How was your first kiss?” with a quirky answer only you would think of (“Rocked it like a hurricane!”).

5 / 9
9 Reasons Your Password Is Going to Get You HackedGaudiLab/Shutterstock

You use a common phrase

Just like you don’t want an obvious answer to a security question, you don’t want your password to contain a word or phrase that’s meaningful to you, like your sister’s name or your hometown. These are too easy to guess (and can simply be found online). Try incorporating “opposite” words, like your least favorite color or the site of your least favorite vacation. These are the secrets identity thieves definitely don’t want you to know.

6 / 9
9 Reasons Your Password Is Going to Get You HackedLightField Studios/Shutterstock

You didn’t use the space bar

Many sites and programs don’t actually allow you to use a space in your password, which is exactly why it’s valuable to do so when you can. Anyone trying to guess at your password may not even think to tap on the space bar.

7 / 9
9 Reasons Your Password Is Going to Get You Hackedpanitanphoto/Shutterstock

You didn’t use a mnemonic device

Lifehacker suggests using the Person-Action-Object (PAO) method to create an unbreakable password. Visualize a famous person doing a random act with a random object (say, Abraham Lincoln surfing with a gallon of milk). Now combine parts of that phrase to make a new word, like AbeLiSurfilk. Not only do you have a word that’s too random for any hacker to crack, but you’ll be the only person it makes sense to. Plus, our brains remember data better with visual cues (and especially with weird ones), so memorizing it will be a cinch. Here are some online scams to be aware of—and how to avoid them.

8 / 9
9 Reasons Your Password Is Going to Get You HackedGaudiLab/Shutterstock

It’s not long enough

Security experts say your password should be 12-14 characters long if possible. Similar to the use of spaces, many services don’t allow such length, which can provide a security boost. Make sure you follow these tips to protect yourself from online scams.

9 / 9
9 Reasons Your Password Is Going to Get You HackedGaudiLab/Shutterstock

You don’t use two-factor authentication

Here it is, the Big Bertha of security tips. Every time you log into a website or email client, you type the same ol’ string of characters—not exactly hacker-proof, especially if you use the same password across platforms. Two-factor authentication helps.

It’s basically what it sounds like: After typing your password, sites and services that use two factors ask you to present an additional piece of information. Most likely, you have a separate program or physical device, also known as a “token,” that presents randomly generated numbers and communicates with the website or software you’re accessing, allowing you an extra layer of security. Type your password, get the random numbers from your token, and type those in to move along.

Think a token sounds niche? Consider this: A few years ago, Blizzard—the gaming company behind massively successful titles like World of Warcraft and Diablo—introduced a $6.50 “authenticator” device for users in an effort to stop hackers from stealing items and in-game currency. Gmail offers a similar service, as do various other email clients and social networks. For more tips on cyber safety, check out these expert security tips that can keep you from getting hacked.