The safety of your identity, data and online accounts relies heavily on the strength of your passwords, which is why you should be able to tell the difference between weak vs strong passwords.
The importance of password security goes far beyond personal safety, as corporate breaches due to compromised credentials affect millions of people and cost billions of dollars each year. In fact, a recent report by Verizon reveals 81% of hacking-related data breaches are due to stolen or weak passwords.
Learn the difference between weak and strong passwords, examples of each and how you can ensure you always use strong passwords.
Weak Password: Definition
A weak password is a character combination that is easy for friends, bad actors or password-hacking software to guess. While your passwords may follow credential strength best practices, other factors, such as reuse, can still make them vulnerable.
Examples of Weak Passwords
According to our Workplace Password Malpractice Report, 62% of employees share passwords by text message and email. Exposure to external parties and poor password-sharing methods are common security mistakes.
Take a look at these common examples of weak passwords and compare them with your current password creation and security practices:
-
Short passwords – A single word such as Igloo or Peanuts, as well as a numerical phrase like 12345.
-
Recognizable keystroke patterns – Take a look at your keyboard and find QWERTY or 1QAZ2WSX.
-
Personal information in passwords – Including information such as date of birth, street name and name in passwords. For example, a password of John99 or Maplewood09 for John, born in 1999 and living in Number 9, Maplewood Street.
-
Passwords varied with a single character – Changing from lowercase to capital letters or adding a period, ampersand or exclamation mark for “different” passwords across accounts. For example, Alice2004 and AlicE2004.
-
Common combinations – The word password is one of the ten most popular passwords in the world.
-
Repeated letters or numbers – Combinations such as 55555 and bbbb are arguably the easiest to crack worldwide.
Strong Password: Definition
A strong password is a long combination of unique characters that is difficult for other people to guess or technology to crack. A study reveals that brute force attacks, which account for most breaches due to weak passwords, targeted 26% of companies each week in the middle of 2021 – an increase of 160% from the average of 10% at the beginning of the year. Bad actors also use password spraying or credential stuffing to crack passwords.
Examples of Strong Passwords
Choosing a secure password doesn’t have to be a tedious process, as long as you know what makes credentials strong.
Consider some of these best practices with examples that differentiate weak vs strong passwords to help secure your accounts:
-
Lengthy combinations – Long passwords with various character types, such as numbers, letters and symbols. For example, your place of birth and year becomes N0r+Hc^R0|in^99
-
Passphrase – A sequence of words or longer text strings is more secure than a single phrase. For Todd, who likes pancakes, a passphrase can become +0DD|iK3SPa^cAk3S
-
Mnemonic – Create passwords inspired by events notable to you. For example, a Cubs fan will remember a win against the White Sox. So, “my best moment is watching Billy Hamilton steal home and hit a home run in 2020” becomes mBMiWbhSHaHAhRI2020
-
Non-dictionary words – Dictionary words — formal or slang — are publicly known combinations of characters stored in a database that cybercriminals access using software to input thousands of passwords per second. For example, bacon is a short, five-letter word with the same character type; software can crack this instantly. Use words — and other character types — that make sense to you alone.
Random Passwords
Random combinations are one of the strongest types of passwords as they have no connection to users and cannot be easily guessed. However, while random passwords are effective, their complexity prompts users to write them down, which increases the vulnerability of such credentials – defeating the purpose of uniqueness.
This is why password managers are important. Password management solutions help people store and retrieve their credentials easily, without using post-it notes or emailing themselves. In addition to safeguarding passwords, Keeper’s password generator suggests strong and unique passwords for both existing and new online accounts.
Choose a Password Manager that Strengthens Your Credentials
Credentials you safeguard with password managers, some of which have end-to-end encryption, are much less likely to be exposed than passwords written on a notepad or emailed to a friend or family member. Password managers like Keeper allow for secure password sharing and the ability to set permissions for those you share with, such as “View Only” or “Can Edit and Share.” Keeper also includes a random password generator that automatically creates and saves new account credentials in your vault.
Password managers help you to store, track and organize your credentials. Keeper is a password management solution that makes it easy to generate and store high-strength passwords for all of your accounts.
Ready to start using stronger passwords for everything? Start your free trial today.
Frequently Asked Questions
How to pick a secure password?
You can create a strong password in a few easy ways:
- Type out a random combination of letters, numbers and special characters. (This may be difficult to memorize and may result in more challenges.)
- Create a mnemonic from a notable event in your life and swap out some letters with other character types such as symbols and numbers.
- Use a password manager such as Keeper that generates and stores secure passwords, taking the pressure off of you to remember them.
Is a 10-character password considered strong?
Many online platforms require at least eight characters for passwords, which puts ten characters above the prerequisite for creating credentials. Password security best practices suggest that the longer the password, the better, which means 10-character passwords are not the strongest in terms of length.
However, length is only one of the criteria for password strength. While a 12-character password is likely more secure than 10 characters, combining letters, numbers and other unique symbols strengthens your credentials.