5 Things you should never do in your passwords

Top 5 things you should never do in your passwords

This post is part of #passwordMonth at Pope Tech. All throughout October we are sharing tips on how to have a good strategy so you don’t become a story at one of our presentations.


1. Use a password off of a dictionary list

What is a dictionary list, you ask? Websites get hacked all the time, and sometimes we even hear about it. When passwords are compromised as part of a breach, they often end up on lists that you can get for free. Such a list is called a dictionary list, and it contains passwords that are known to have been used. If your password is on this list, you just made it easy for anyone trying to compromise your account.


2. Use the same password in multiple places

So this one is pretty obvious but really important. You need to have confidence that your bank isn’t compromised because MySpace had poor security. It matters even more because reuse is an easy way to end up on a dictionary list. It’s not a different password if you just add GM or FB or CB at the end for Gmail, Facebook, or Chase Bank. If I see your password for Gmail is somethingGM, I am guessing on Facebook it will be somethingFB. Just a hunch…


3. Add a 1 at the end or a sports jersey number

We’ve all done it, but just adding an exclamation point or a 1 at the end to comply is pretty predictable. Sports jersey numbers shouldn’t be in passwords either; they are on password dictionary lists.


4. On mandatory password changes, change the end or beginning

Don’t blush, we know you are guilty of this. When a company or website password policy makes you change your password, our first instinct is to use the same thing but add a 1 or summer or q1 or 2016 at the end. Don’t! They know about it too!


5. Commonly known or Googleable information about yourself

This seems obvious, but you would be surprised how often people or even companies just take part of their name and put it with a year.


Example of a bad password: sumer2016popetech23… Everything here is common and on dictionary lists. If this is our password, we most likely do the same thing on other sites, causing us to fail 1 and 2. At the end we have 23 for Michael Jordan, failing number 3. From the date, anyone can tell that when we have to change the password we just change the date, failing number 4. And of course everything is common knowledge, hitting number 5.
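The five checks can be run mechanically against a candidate password. The Python below is an added example, not code from the original post: the breached list is a small constructed stand-in for a real dictionary list, and the function names, the regexes and the `personal_terms` / `other_passwords` parameters are assumptions made for illustration.

```python
import re

# Constructed stand-in for a breached-password ("dictionary") list; a real
# check would load an actual list from disk.
BREACHED = {"password1", "letmein", "sumer2016", "summer2016", "jordan23"}
SITE_TAGS = ("gm", "fb", "cb")  # the Gmail / Facebook / Chase Bank suffixes from item 2
DATE_TOKEN = re.compile(r"spring|summer|fall|autumn|winter|q[1-4]|(?:19|20)\d{2}")
PREDICTABLE_TAIL = re.compile(r"(?:(?<!\d)\d{1,2}|!)$")


def strip_site_tag(password):
    """Lower-case the password and drop a trailing site tag such as GM or FB."""
    lowered = password.lower()
    for tag in SITE_TAGS:
        if lowered.endswith(tag) and len(lowered) > len(tag):
            return lowered[: -len(tag)]
    return lowered


def audit_password(password, personal_terms=(), other_passwords=(), breached=BREACHED):
    """Return the set of item numbers (1-5, as numbered in the post) the password breaks."""
    lowered = password.lower()
    failed = set()
    # 1: the password is on the list, or is built around an entry from it.
    if any(entry in lowered for entry in breached):
        failed.add(1)
    # 2: same password on another site, with or without a swapped site suffix.
    base = strip_site_tag(password)
    if any(strip_site_tag(other) == base for other in other_passwords):
        failed.add(2)
    # 3: a trailing "!" or a one- or two-digit number (the "1", the jersey number).
    if PREDICTABLE_TAIL.search(lowered):
        failed.add(3)
    # 4: a season, quarter or year, the part people bump at a forced change.
    if DATE_TOKEN.search(lowered):
        failed.add(4)
    # 5: anything searchable about the owner (name, company, ...).
    if any(term.lower() in lowered for term in personal_terms if term):
        failed.add(5)
    return failed


if __name__ == "__main__":
    # Both passwords are the ones quoted in the post.
    print(audit_password("sumer2016popetech23", personal_terms=["popetech"]))
    print(audit_password("k5TnB6mP!^TmCpv&U#MU46c", personal_terms=["popetech"]))
```

Item 2 can only be detected when the user's other passwords are available to compare against, which is why the bad example trips it only once a second site's password is passed in.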

A good password, you ask? Completely random, something like k5TnB6mP!^TmCpv&U#MU46c. In the next post we will share some tools for generating and remembering a good password, or for not having to remember one anymore.