Home / Blog / Are Your Passwords Easy to Crack?

Are Your Passwords Easy to Crack?

In today's world, a day rarely goes by without hearing a story about computer hackers gaining access to personal information belonging to millions of unsuspecting victims. As a result, identity theft has become one of the most pressing issues in the digital age. Unfortunately, many people unknowingly make the hackers jobs easier by failing to follow basic password security rules. And by doing so, victims find their bank accounts, credit cards, and various other online accounts compromised. However, by following a few simple rules, it's quite possible for people to ensure their passwords will not be easy to crack.

A Hacker's Favorite Password

Strangely enough, a hacker's favorite password is in fact "password." Despite warnings from online security experts, many people today still choose to use "password" as their password. Not only is it the obvious choice when hackers are trying to infiltrate a system, but it also fails to use many of the common password suggestions such as upper and lower case letters, numbers, punctuation, and other combinations to make a hacker's job harder. According to data security experts, some of the most common passwords people have used for their online accounts include:

  • 1234
  • 12345678
  • football
  • baseball
  • 1234567890

While many of these passwords are done so in an effort to make them easy to remember, people have also inadvertently made them much easier to be stolen.

Related Article: Are Millennials More Susceptible to Identity Theft?

Password Management

Along with using combinations of letters and numbers that are very easy to figure out, many people also fail to change their passwords frequently or simply use the same password for virtually all of their online accounts. According to data gathered from surveys, almost 75 percent of people admit they regularly duplicate passwords for all of their online accounts. In addition, the average person has 24 online accounts for which they use only six passwords to guard. Many people admit they have fewer than five passwords they use for all of their accounts, which again makes the job of a hacker that much easier. And along with this, the vast majority of people also fail to change their passwords on a frequent basis. Almost 25 percent of people surveyed said they have been using the same passwords for over a decade, and almost 50 percent have not changed their passwords in at least five years. By failing to use creative passwords and failing to change them on a regular basis, many people are virtually handing their information to the hackers.

Password Cracking

Unfortunately, as technology has evolved, the art of password cracking has become easier and easier. By going online, identity thieves and hackers can gain access to free password cracking tools with such names as Cain and Abel or John the Ripper that allegedly test up to six million passwords per second. With this kind of technology available to them, it has become easier and more profitable for hackers to gain access to accounts of all kinds.

In addition to these tools that are available to almost anyone willing to conduct a search for them, professional hackers also have their own systems for password cracking. Many pros create their own customized dictionaries listing the various password cracking techniques, allowing them to have even more detailed information. Some of the dictionaries have been known to contain as many as 60 million of the most common words used as passwords, including those that use numbers and punctuation in an effort to be more secure. Not only do pro hackers develop and use these dictionaries for their own use, but also sell them to the highest bidder now and then. Most often, organized crime syndicates or government operatives purchase this information, which helps them gain access to national security information from other nations as well as conduct various criminal activities such as money laundering or illegal drug distribution.

The Do's and Don'ts of Passwords

To make sure online accounts such as banking, social media, credit cards, and others are not hacked, there are many things people should and should not be doing when it comes to their passwords. For example, people automatically assume that if they add random letters or numbers to the end of their password, it will be impossible for hackers to guess. Unfortunately, that has been proven to be futile time after time. As hackers have become more sophisticated, victims also fall for phishing scams that use fake emails claiming to be from the victim's bank or other organization. These emails state they want to confirm the person's password, hoping the person will believe it and hand over their information.

So while this situation at times sounds like a hopeless battle that will end in defeat, there are in fact many things people can do to make sure their passwords are not cracked and hacked. For starters, they can go one step further than the suggested 8-letter password by making their passwords 10 or even 12 characters long. Doing this, along with using upper and lower case letters, numbers, and punctuation, may not guarantee a hack will not happen, but it will make the hacker's task that much harder. Also, using different passwords for each site and changing them every few months can also heighten a person's level of online security.

Related Article: The Best Guide for Protecting Your Credit

The Pass Phrase

For many people, pass phrases are being used to create passwords that are virtually impossible for hackers to crack. The idea of a pass phrase is to create a sentence about something specific to that person, then use the first letter of each word along with any numbers the sentence contains. The result is often a massively long password, but it's one that is almost assured to not be guessed by even the most experienced hacker. For example, a pass phrase might be "We got divorced in Lubbock, Texas on September 15th, 2004." By using this phrase, the password would be WgdiLToS15th2004, which is a 16-character password that's unique to the individual. Many people write down these passwords in a safe place, such as a journal or planner, making sure no one but them knows where it is. While still a relatively new concept, pass phrases have become more and more popular in recent years.


As online shopping and other activities have become the norm in today's society, hackers and identity thieves have grown increasingly aggressive in their efforts to steal information. However, as people have been made more aware of the dangers regarding this issue, many have taken steps to ensure their identity stays protected. By using common sense precautions and staying abreast of the latest news, fewer and fewer people will fall victim to these criminals.

Sign up for our monthly newsletter.

Get the latest tips & advice from our team of 30+ credit & money experts, delivered to you via email each month. sign up Now

Yael Kent's picture

Yael Kent is a personal finance enthusiast with experience writing about credit cards, credit repair, debt, and more. In addition to being an editor at Creditnet, she has been featured on Yahoo Finance, Reuters, and other financial sites.

Visit 's Google Plus profile for more.