5 password habits that put you at risk

These common — and understandable — password shortcuts are a hacker's dream


Anyone who has gritted their way through a mandatory employee cybersecurity training understands that hackers are gunning for our passwords, which have become the Holy Grails of dark web schemers. A compromised password can give criminals access to everything from your credit card number to your Social Security information, and the fallout can be an enormous hassle. Yet most people are too busy to spend much time thinking about password management or are operating on well-intentioned but extremely dated advice. What can individuals do to stay ahead of the next phishing operation?

Don't use iterations of an existing password

Don't use the same password across multiple accounts

So many bad password habits arise from the difficulty of managing so many accounts, and 78% of respondents in a 2024 survey admitted to recycling passwords across multiple accounts or domains. If you use the same password across a number of domains, you are leaving yourself open to coordinated attacks. Having obtained your skeleton password, hackers will "launch credential-stuffing attacks" by "using those logins to access other accounts," said Dashlane. And because "most online accounts assign your email address as a username, it doesn't take Mr. Robot to crack that code," said PC Mag.


Don't use personal details in your passwords

Another extremely common practice that experts caution against is using "your personal details such as your birthday, hometown or pet's name," said the Canadian Centre for Cyber Security. Tying your passwords to easily accessible life experiences, milestones and individual data obviously makes them easier for you to remember, but such details increase your risk because they "can be found by a quick search on social networking sites," said the Department of Homeland Security. "More than half of people admitted that they use familiar names in their passwords," including a child's name, a street name or a parent's name, said Security.org.

Don't give your passwords to other people

It may seem like a good deed, a way to save money and an act of protest against the proliferation of streaming services to give your Netflix information to a friend in exchange for their Max login, but sharing passwords is a major security risk. Because "nearly a third of respondents reported using the same password for all their streaming accounts," this risks "moochers sharing passwords with other moochers without the account holder's knowledge or consent," said PC Mag. This also provides another way for hackers and phishers to gain access to your passwords and your vital information. This even includes password sharing with a spouse or domestic partner. "Your own security might be excellent," said Wired, "but if you've shared your credentials, you're at the mercy of the weakest link."

Don't use short or simple passwords

"Something simple, short and predictable" is a "terrible password," said The World Economic Forum. For example, the password "123456" has been "used over 4.5 million times" and "takes less than a second for hackers to crack." That's an example of how a "simple or short password such as a word or name, a sequence of numbers, or combination of these, can be easily guessed by malicious attackers," said cybersecurity expert David Bader. Unsurprisingly, "as character length increases, the total amount of compromised passwords decreases," said Specops Software. Yet only 20% of respondents in a 2021 survey reported using passwords longer than 12 characters.

David Faris

David Faris is an associate professor of political science at Roosevelt University and the author of It's Time to Fight Dirty: How Democrats Can Build a Lasting Majority in American Politics. He is a frequent contributor to Informed Comment, and his work has appeared in the Chicago Sun-Times, The Christian Science Monitor, and Indy Week.