Password Security – Keep It Complex!


Are you at serious risk for account piracy?

If your passwords are things like “1234,” words like “password,” or simple things like your first or last name, you could be at the front of the line for all kinds of hacking and phishing that can easily get into your accounts and wreak havoc there.

Security experts at conferences often show how easy it is to unlock the passwords of significant portions of an audience, just by guessing. Too many of us don’t make our passwords complex enough to really secure our data. Whether it’s our bank accounts and online banking passwords, our web project access, our health accounts, insurance handling accounts or other online tools, black hat folks are able to steal access from us.

The Fine Line

One of the major reasons people get lazy about passwords is that they want to be able to remember those passwords when they click back in days or weeks later. But in some cases, having a weak password can be a lot worse than having to keep password information on hand.

Hackers generally use word lists (dictionaries) and other data resources to try one password after another until they get in. They can submit a wide range of guesses, blanketing the system, in order to break the access barriers that are naturally there. Some people have tried to get around this issue by making small changes to their passwords, for instance, uppercasing a letter, or turning letters into numbers within a word. The hackers have adapted, and even things like “PA55W0RD” may not be effective.
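A site can run the same check from the defender's side when a user picks a password. The following is an added example, not part of the original article: the word list is a small constructed sample, and the names `COMMON_WORDS`, `SWAPS` and `find_disguised_word` are assumptions made for illustration.

```python
# Added example: reject passwords that are a listed word (or the user's
# own name) once case changes and letter-to-number swaps are undone.

# Constructed sample list; a real deployment would load a much larger one.
COMMON_WORDS = {"password", "1234", "letmein", "welcome", "qwerty"}

# Characters people swap in for letters. "1" is ambiguous (l or i),
# so each entry lists every letter it may stand for.
SWAPS = {"0": "o", "1": "li", "3": "e", "4": "a", "5": "s",
         "7": "t", "@": "a", "$": "s", "!": "i"}


def _matches(password, word):
    """True if password equals word after lowercasing and undoing swaps."""
    pw = password.lower()
    if len(pw) != len(word):
        return False
    # Each position must be the same character, or a swap that stands for it.
    return all(p == w or w in SWAPS.get(p, "") for p, w in zip(pw, word))


def find_disguised_word(password, first_name="", last_name=""):
    """Return the list word or name the password reduces to, else None.

    Covers only the mutations named in the text: uppercasing and
    turning letters into numbers or symbols within a word.
    """
    blocked = set(COMMON_WORDS)
    blocked.update(n.lower() for n in (first_name, last_name) if n)
    for word in sorted(blocked):  # sorted for a deterministic result
        if _matches(password, word):
            return word
    return None


if __name__ == "__main__":
    for candidate in ("PA55W0RD", "l3tme1n", "J0hn", "tR7$kq_Mz29"):
        hit = find_disguised_word(candidate, first_name="John")
        print(candidate, "->", hit or "not a disguised list word")
```

A `None` result only means the password is not a disguised list word; it does not measure length or randomness.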

Real Security Tips

How do you really make a strong password? How do you make sure that you’re not leaving the back door open to thieves? First, stay away from using unembellished, plain English words — or even plain words in other languages. Simple words are very vulnerable, because they can easily be guessed.

To mix it up, combine uppercase and lowercase letters, and add special characters like a dollar sign, an ampersand, an underscore, or certain kinds of punctuation. Just a few of these inserted into the mix can baffle cyberattackers. You can also use a mixture of numbers and letters, but try to do it in a way that’s not logical or transparent. For example, a random two-number tag at the end of the password can add several orders of magnitude in terms of security.

At WebSubstance, we understand how to integrate security into vibrant web projects. Work with us to create sites that look good and work well, too, with common-sense safeguards for the dangers of today's Internet.