New Tool Reveals How BAD People Are At Choosing Passwords

A new tool lets you check if your LinkedIn password has been compromised. More importantly, it lets you see what other people have chosen for THEIR passwords. It’s fun and educational. Funucational.

Proof That A Lot Of People Have Awful Passwords

In case you hadn’t heard (where’ve you been?), LinkedIn recently had 6.5 million passwords stolen and published, in hashed form, on a website. LastPass.com has responded by creating a tool that lets you enter your own LinkedIn password and tests whether it was one of the passwords that was leaked.

Password. Pa55w0rd. PaSsWoRd.

Now I’m not for one second going to advocate typing your current LinkedIn password into this website, regardless of how many times they claim it is safe to do so. The ONLY place you should be entering your LinkedIn password is on the LinkedIn website; that’s just common sense. But what it DOES give us is the rare opportunity to test some passwords to see if people have used them. I’ve spent a little time trying some out.

Here are just a few leaked variations of the word “password”:

password
Password
pa55w0rd
PaSsWoRd
pass123
password123
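
The advice above, not to type a live password into a third-party checker, can be followed by testing the password offline against a local copy of the hash list. The sketch below is an added example, not code from LastPass or from this post. It assumes the leaked hashes are unsalted SHA-1 hex digests and that some entries have their first five hex digits zeroed out (neither detail is stated in the post); the function names and the sample dump are constructed for illustration.

```python
import hashlib

# Assumption: some dump entries have their first five hex digits zeroed out.
MASK = "00000"
HEX_DIGITS = set("0123456789abcdef")


def sha1_hex(password: str) -> str:
    """Unsalted SHA-1 of the UTF-8 password, as lowercase hex."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def load_hashes(lines):
    """Parse one hash per line; skip blanks and anything that is not 40 hex chars."""
    hashes = set()
    for line in lines:
        h = line.strip().lower()
        if len(h) == 40 and set(h) <= HEX_DIGITS:
            hashes.add(h)
    return hashes


def check_password(password, leaked):
    """Return 'exact', 'masked' (zeroed-prefix entry) or None if not found."""
    digest = sha1_hex(password)
    if digest in leaked:
        return "exact"
    if MASK + digest[len(MASK):] in leaked:
        return "masked"
    return None


def build_sample_dump():
    """Constructed sample standing in for a downloaded hash file."""
    masked = sha1_hex("1234")
    return [
        sha1_hex("password"),              # plain entry
        sha1_hex("link").upper() + "\n",   # upper-case entry with a newline
        MASK + masked[len(MASK):],         # entry with a zeroed prefix
        "not-a-hash",                      # junk line, ignored by the parser
        "",
    ]


SAMPLE = load_hashes(build_sample_dump())

if __name__ == "__main__":
    # With a real password, read it with getpass.getpass() instead of a literal.
    for candidate in ["password", "link", "1234", "1979WtMgUtTgD"]:
        print(candidate, "->", check_password(candidate, SAMPLE))
```

Because the comparison runs locally, the password never leaves the machine; only the downloaded hash list is needed.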

The Top Ten LinkedIn Passwords

According to an infographic purporting to have come from rapid7.com, the top 10 LinkedIn passwords are:

  1. link
  2. 1234
  3. work
  4. god
  5. job
  6. 12345
  7. angel
  8. the
  9. ilove
  10. sex

If you’ve ever considered using any of these, or any combination of these, please don’t.

Try it yourself; there are some truly awful passwords in there!

How To Pick A Strong Password

There are a number of tricks to choosing strong passwords and I plan to cover what I consider the best password policy ever in a future post (edit: Never Forget Your Password Ever Again. Ever. EVER!), but to get you started here’s a really easy way to create an incredibly strong password:

  1. Think of a reasonably long phrase (8 or more words ideally) that’s easy to remember. For example, “when the mites go up the tights go down” (which is one way of remembering which are stalagmites and which are stalactites).
  2. Take the first letter of each word of the sentence: “wtmguttgd”.
  3. Think of a number that has some relevancy to you, perhaps the year someone you love was born: e.g. 1979.
  4. Now add that number somewhere in the string of letters you had: “1979wtmguttgd”.
  5. Choose some letters to be capitalized using whatever rule makes sense to you, e.g.: “1979WTMGUttgd”, or “1979WtMgUtTgD”.

Some more examples you might consider:

  • “A stitch in time saves nine.” => “asit1983S9”
  • “This is the best website in the world” => “2405titBwitw1977”
  • “I hate picking passwords for websites” => “iHpP4W1066”
  • “Better pick a pocket or two” => “1960Bpapo2”

Oh, and I checked, none of those passwords were amongst the compromised passwords! ;)

About Matt Lowe

Matt Lowe is a WordPress web designer / developer based in Newbury, Berkshire. After 8 years of doing the nine-to-five for other companies and watching them make the same mistakes over and over he set out in business on his own, forming Squelch Design to help businesses get online and make money.
