Experts list five of the dumbest mistakes in choosing a password

Online hackers still have it too easy. Far too many people choose passwords that are too short or too simple, or reuse the same password across accounts, when they are trying to protect sensitive information and data.

Luckily there are some tips on how to avoid the dumbest mistakes when picking a password.

Don’t use your user name as your password too.

Users should never include their own name, user name, email address or personal data in the password. That makes it too easy to figure out a password with just a little bit of research, the Hasso Plattner Institute for Software Systems Engineering (HPI) said in Potsdam, Germany. 

Real words a giveaway.

Words from a dictionary have no place in a password, as the right programme can crack them in no time.

"Current password crack programmes can try about 1,500 different combinations per second," said professor Christoph Meinel from HPI. 

It is not even good to use proper names or set phrases like "iloveyou" or simple combinations such as "1c2d3e," since they are fairly predictable as well. 

The HPI suggests a mix of words, numbers and symbols. Start with a phrase like, "I always have trouble remembering passwords at 10:30 p.m.!" and turn it into the password "Iahtrp@10:30pm!". 

Exact spelling makes you vulnerable.

"Password" or "letmein" are also insecure passwords because they use conventional spelling. The HPI recommends substituting capital and lower-case letters, numbers and extra characters in a quirky way that is easy to remember. "LeTm€1n" for example is more secure. 

Don’t make it too short.

"123456" is not just a bad password because it's predictable, but also because it is only six characters long. The shorter it is, the easier it is to crack. Passwords should be at least eight characters, according to the HPI.

The German Information Security Office suggests passwords should be at least 12 characters long.

One-for-all doesn’t do the trick.

While using one password to log in everywhere may be practical, it is also extremely dangerous.

Those who use one password for various services are offering a goldmine to a successful hacker. If the hacker guesses the password right one time, then all of the other services such as email, social networks and shopping access are jeopardized. 
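The tips above can be turned into an automated check. The following Python sketch is an added example, not code from HPI or the original article: it flags personal data, dictionary words, short length (using the 8 and 12 character figures quoted above) and reuse. The word list, the user details and the `vault` mapping are constructed assumptions.

```python
import re

# Constructed sample word list (assumption); a real check would load a full
# dictionary plus a list of commonly used passwords.
SAMPLE_WORDS = {"password", "letmein", "iloveyou", "dragon", "sunshine"}
MIN_LENGTH = 8            # HPI minimum quoted in the article
RECOMMENDED_LENGTH = 12   # German Information Security Office figure

def personal_tokens(username, email, full_name):
    """Lower-cased fragments of the user's own identifiers, 3+ chars each."""
    local_part = email.split("@")[0]
    raw = " ".join((username, local_part, full_name)).lower()
    return {t for t in re.split(r"[^a-z0-9]+", raw) if len(t) >= 3}

def check_password(candidate, username, email, full_name, vault):
    """Return a list of findings; an empty list means no mistake was detected.

    vault maps service name -> password already in use (hypothetical
    in-memory export from a password manager, never written to disk).
    """
    findings = []
    lowered = candidate.lower()
    if any(tok in lowered for tok in personal_tokens(username, email, full_name)):
        findings.append("personal-data")
    if any(word in lowered for word in SAMPLE_WORDS):
        findings.append("dictionary-word")
    if len(candidate) < MIN_LENGTH:
        findings.append("too-short")
    elif len(candidate) < RECOMMENDED_LENGTH:
        findings.append("shorter-than-12")
    for service in sorted(vault):
        if vault[service] == candidate:
            findings.append("reused:" + service)
    return findings

if __name__ == "__main__":
    user = ("jdoe", "jane.doe@example.com", "Jane Doe")   # constructed user
    vault = {"webmail": "Sunshine2016"}                   # constructed entry
    for pw in ("123456", "letmein", "JaneDoe!2016", "Sunshine2016",
               "Iahtrp@10:30pm!"):
        print(pw, check_password(pw, *user, vault))
```

An empty result only means none of these five mistakes was found; it is not a measure of how strong the password is.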

Last update: Sat, 03/09/2016 - 01:26
