vibe blog - bringing life to brands

The perils of ‘lazy password syndrome’


In the techie team, we are often criticised for allocating seemingly arbitrary passwords, but there is method in our madness.

Far too many users, left to their own devices, choose one of the following five (instantly hackable) passwords:

1. password
2. 123456
4. abc123
5. qwerty

I can guarantee that a number of you reading this have committed this security crime at one time or another.

It is important to remember that everything we now store online, from financial data to personal details, photos and video, is available to anyone with the right login details.

And the alarming thing is that, once a hacker gains access to one account, such as your email or Facebook, it can make it easier for them to access lots of other platforms as well.

Most web-based systems, for instance, will send a password reset to your email account, so if the hacker has access to your email he or she can then find sites you use, request a password reset and, before you know it, has infiltrated another account.

Yes, some systems will ask you for personal identifying information as well as a login but, with access to personal information via platforms like Facebook, it’s not too difficult to track down a maiden name.

Guide for choosing a password

  • Use at least eight characters; the more the better but you obviously run into difficulties remembering the password if it gets too complex
  • Use a random mix of characters, upper and lower case, numbers, punctuation and symbols
  • Although it seems easier, don’t use the same password for everything. Try to use different passwords for each site and if you feel it’s getting too difficult to keep track, get a password manager (KeePass is a good open source one with versions for PC, Mac, Android, iOS, etc)
  • Don’t just use a word that can be found in the dictionary. Although this may be easy to remember, it is vulnerable to what’s called a ‘dictionary attack’. This is where an attacker will run a script that scans all the common words in the dictionary and tests them against your login. If you really want to use a real word to aid your memory then throw in some numbers, random caps and even some punctuation and symbols
  • Avoid using passwords that are based on personal information as these can be found quite easily via social media
  • Don’t forget that your mobile is a gateway to all your accounts, so if you leave that unprotected it offers an easy route in for hackers
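
The guide above, written as a check that a sign-up form could run before accepting a password. This is an added example, not part of the original post; the function name `check_password`, the `SAMPLE_DICTIONARY` word list and the personal-details input are assumptions made for illustration.

```python
import string

# The weak passwords named earlier in this post.
COMMON_PASSWORDS = {"password", "123456", "abc123", "qwerty"}

# Constructed stand-in for a real dictionary word list (assumption).
SAMPLE_DICTIONARY = {"sunshine", "dragon", "football", "monkey", "welcome"}

MIN_LENGTH = 8  # "Use at least eight characters"


def check_password(password, personal_details=(), dictionary=SAMPLE_DICTIONARY):
    """Return the guide rules the password breaks (empty list = passes)."""
    problems = []
    lowered = password.lower()

    if len(password) < MIN_LENGTH:
        problems.append("shorter than eight characters")

    # Mix of upper case, lower case, numbers and punctuation/symbols.
    classes = {
        "lower case": any(c.islower() for c in password),
        "upper case": any(c.isupper() for c in password),
        "number": any(c.isdigit() for c in password),
        "punctuation or symbol": any(c in string.punctuation for c in password),
    }
    missing = [name for name, present in classes.items() if not present]
    if missing:
        problems.append("missing " + ", ".join(missing))

    if lowered in COMMON_PASSWORDS:
        problems.append("one of the most common passwords")

    # A plain dictionary word is what a dictionary attack tests first.
    if lowered in dictionary:
        problems.append("plain dictionary word")

    # Personal details (names, birth years) that social media can reveal.
    for detail in personal_details:
        if len(detail) >= 3 and detail.lower() in lowered:
            problems.append("contains personal detail: " + detail)

    return problems
```

Feed the function the details a site already holds about the user (name, date of birth, email) as `personal_details`, and swap the sample word list for a full one in real use.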

While this may have raised an eyebrow or two about what can happen when you are less than vigilant about passwords, it’s worth taking the time to do it properly and remembering what’s at stake.

