3 reasons why your password sucks (and how to fix it)

Your passwords are critical for securing many parts of your public and private lives. Here's why your password sucks, and what you can do to fix it.

Each week we ask the members of our free Facebook group a question to help the community get to know each other. We love reading through your responses and seeing how supportive the community is to each other. This week we wanted to know what they considered to be the most valuable thing they own. As always we received some really great answers, such as…
  • Tibetan singing bowls – Kathryn
  • Wedding photos – Janice
  • 3 hours of daily ‘me time’ – Sudhyasheel
  • Passport & photos – Lisa
While some of them were more obvious than others (I’m sure many of us have photos that are dear to us), it was touching and inspiring to see what our members valued. But out of all of the answers we received there was one thing which nobody mentioned… Their passwords. It’s probably not the first thing that comes to mind – perhaps because they aren’t a physical item? – but your passwords are critical for securing many parts of your public and private lives. Today, we’ll look at three reasons why your password sucks (probably). Here goes…

1. It’s too common or easy to guess

Many of us know that passwords are essential, but that doesn’t stop them from being an inconvenience. Even if you only use a handful of services online you still have a bunch of passwords to remember. Sometimes, easy to remember passwords are easy to guess passwords – but this isn’t always the case. Your password could be easy to guess for a number of reasons: perhaps it is the name of a loved one, a pet or a place you have fond memories of. Ask yourself: Could someone guess your password from the things you share online? If your password is the name of a family member, could someone figure this out by taking a quick look through your Facebook profile? Don’t change what you post to social media (I’m sure your friends and family love to see what you’re up to); instead, change your password. Perhaps your password has no connection to you or your relationships? While this may be a better approach, it can still mean that your password is too common. It could be a number, a thing or a word such as:
  • 123456
  • password
  • letmein
These examples are taken from a list of the top 25 most common passwords of 2017. Is your password on the list? Here’s the shocking part… The list of the 25 most common passwords is compiled using information obtained from real data leaks. This means that these passwords are real, have been stolen and have been made available for others to abuse!

2. You use the same password

Another mistake when it comes to keeping your online accounts secure is using the same password for multiple services/websites. We were recently alerted to an incident with one of our Alliance members who believed their website had been hacked. Our team sprang into action and began investigating the issue. Something clearly wasn’t right. The website looked mostly the same but there were some strange blog posts which we didn’t recognise. They had titles like:
  • Costco Pizza Inexpensive Lasagne, but is it Worth It
  • APA essay that is reflective: learn details and produce your action plan
  • Characteristics of Russian Brides
Upon further investigation there were additional users added to the site that also shouldn’t have been there. Without a doubt the site had been compromised, so we got right to work cleaning it up. Did some sneaky hackers crack the website password? It turns out that the website was hijacked and being used as a way to make other websites appear more credible. By writing articles and linking out to a specific website, search engines like Google would think that the linked website is a valuable resource. The idea is that this would help the website show up more in search results – but this is a whole other topic. The worrying part is that the people responsible for turning the website into a link-farm didn’t need to do anything fancy to gain access to the website. They had gained access to our member’s email account and in there they found other usernames and passwords in plain text. A quick copy & paste and they could use this set of details to open up all kinds of doors. But how might someone gain access to your email account in the first place?

3. You’ve already been breached

Do you know if your account information has been shared online? Would you know how to check if it had? We once believed that we needed a strong password to prevent hackers from trying to brute force their way into our accounts. Using special software that tries different combinations of words to guess your password, they could eventually find their way into our accounts. While this is still possible – and the reason you should use a mix of letters, numbers and symbols for your passwords – there is a much more likely way that someone could gain control of your account. No company knowingly allows their customers’ information to be stolen but it happens. There are some people out there who see your data as an opportunity to make some quick cash or stick it to society. Your data could be stolen along with thousands of other users and then posted online or sold to the highest bidder. If you use the same password for several services this data breach becomes much more damaging. If, however, you use the same password for everything then you might just be handing someone a master key to your entire online life.

Check your accounts now

1. Go to https://haveibeenpwned.com/ and type in your email address.
2. Hit the ‘pwned’ button to search and see the results.

The results are in and… uh oh! My personal email account may have been part of a data breach. This is not a mock-up. My real details have been leaked and are out there somewhere.

Scroll down to see where the breaches took place and when. You’ll see a list of companies/services along with what exactly has been compromised. Here you can see that in May 2014 the URL shortening service Bitly was breached and email addresses, passwords and usernames were stolen. Remember when we said using the same password was a bad idea? Now you should understand why.

That said, it’s important to know that just because your information has appeared in a breach doesn’t mean all parts of it have. Sometimes a breach is just your email address, or a name and address. One thing is for sure though: if you have been involved in a breach then it’s a good idea to take precautions.

How to strengthen your security

Fortunately for me (and my poor Bitly account details) I have used a password manager for many years. I originally started using one so that I didn’t have to remember my password and I didn’t have to type it out each time I wanted to log in to a site. My quest to make my life easier has probably saved me more than a few times. So my Bitly account was compromised but my password would have been 100% unique. Just a random mix of letters, numbers and symbols created by my handy password manager. A key that fits only one door. Around the time of the breach my password manager alerted me and I was able to change the login details. My old login details may still be out there in some dark corner of the web, but they are no longer valid. What could have been a stressful situation was little more than an inconvenience. Now, this won’t always be the case and sometimes these breaches can be quite serious – anything that includes credit card numbers is guaranteed to get my heart pounding. Password managers are a great way to stay organised and limit the damage that a data breach can cause. We swear by them.
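To run the first two checks from this post over your own list of logins, here is a small added example (it is not part of the original post and not how any particular password manager works). It flags passwords that are common, guessable from your public profile, or reused, and suggests a random replacement; the sample logins, profile terms and function names are made up for illustration.

```python
import secrets
import string
from collections import defaultdict

# The three examples the post quotes from the 2017 most-common list.
COMMON = {"123456", "password", "letmein"}
CLASSES = (string.ascii_letters, string.digits, string.punctuation)

def audit(logins, personal_terms):
    """Map each service to its problems: common, guessable and/or reused."""
    terms = [t.lower() for t in personal_terms if len(t) >= 3]
    services_by_password = defaultdict(list)
    for service, pw in logins.items():
        services_by_password[pw].append(service)
    findings = {}
    for service, pw in logins.items():
        problems = set()
        if pw.lower() in COMMON:
            problems.add("common")
        # A name, pet or place from a public profile embedded in the password.
        if any(t in pw.lower() for t in terms):
            problems.add("guessable")
        # One breach of any of these services exposes all of them.
        if len(services_by_password[pw]) > 1:
            problems.add("reused")
        if problems:
            findings[service] = sorted(problems)
    return findings

def new_password(length=20):
    """Random letters, digits and symbols drawn from the OS CSPRNG."""
    alphabet = "".join(CLASSES)
    while True:  # retry until every character class is present
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(c in cls for c in pw) for cls in CLASSES):
            return pw

# Constructed sample data, not real accounts or real passwords.
SAMPLE_LOGINS = {"email": "Bella2014", "bitly": "Bella2014",
                 "shop": "letmein", "bank": "t9#Vq!2mZr@8wLxP"}
SAMPLE_PROFILE = ["Bella", "Brighton"]  # names visible on social media

if __name__ == "__main__":
    for service, problems in audit(SAMPLE_LOGINS, SAMPLE_PROFILE).items():
        print(f"{service}: {', '.join(problems)} -> change it, e.g. {new_password()}")
```

In the sample, the email and Bitly logins share one password built on a name from the profile, so a breach of either service exposes both.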

How secure are your passwords?

Are you guilty of using the same password again and again? Did you find your account information had been involved in a breach? Leave a comment below and let us know how your passwords stand up to scrutiny.

Brett Worth

Project Success Manager

With a background in web design and development, Brett guides our clients through all aspects of our done-for-you branding experiences.
