What ever happened to "1234?"

my password is 'bosco' I got the idea from an episode of sienfeld. remember ,my password is "BOSCO'

thats   BOSCO.

Given that passwords are easily defeated by people even with limited technical knowhow, it is long past time for us to move past them and develop a new and more effective form of personal identification for digital systems. 

I read where a woman used the word "incorrect" as her password.  That way, when she forgot, her computer would remind her:  "Your password is incorrect."

I just need to remember my email password - so I can get those "password reset" email from all the other sites whose password I forget!

http://mostpopnews.appspot.com/

The best passwords use capital letter, symbols, and numbers. An easy way to do this is to substitute symbols and numbers for letters in a random word or pair of words word.   For instance, you can make the words blue elephant a pretty secure password by changing it to B1ueE1eph@nt.    This example the two words are random but they give you a visual image in your head that would stick pretty easily.  It would be tough to crack as well since there are no actual words in the password.  

i doubted it would be on there but i was hoping for 12345.  Have to love spaceballs.

"And 3% write their passwords down on a post-it note stuck near their computer – the digital equivalent of leaving your front door unlocked at night."

No, its not the digital equivalent of anything. Writing on paper is still analog. The topic of writing doesn't change that. 

First, one needs to care about the use of the password. A secure password is certainly  required for sites such as banking, medical, facebook etc.

But for many sites, it may be a don't care situation both for yourself and others, for the former case I use a password manager - keepass in my case, it's a free download. For the latter I use a simple easy to remember random word . Such a word will not be easily guessed, but is susceptible to brute force attacks. 

Windows passwords can be cracked or erased using easily downloaded software, so if you are really concerned about data on your computer use a third party utility such as TrueCrypt, also good for your flash drive.

A very secure password is to take the first letter of every word from the first line of a song or poem.  It's usually very easy to teach your fingers what the password is, while you really don't have the character string actually memorized.  And they usually don't make any sense written out.

The hard part is to not start singing the song during or after the login.

So, for example, if you chose "Row Your Boat", the password would be: rrrybgdts

So, everything that essentially are your mandatory security question answers.

" After all, information such as birthdays, anniversaries and names can be easily researched using Facebook. "

Not if you DON'T USE FACEBOOK! Duh!

I've been using a password manager for a couple years. well worth the little bit of effort getting it going. I got really tired of having to recover passwords for sites i go to infrequently. The one i use is LastPass ( not affiliated with them at all ) theres a bunch of them out there. 

why on earth would you put 'password' as your password?!!! =.= 

Others are any numbers heavily associated with a profession. I can think of numbers that I would first choose if I had the card of the following people:

Tax preparers or auditors

Optometrists, oculists, opticians, and ophthalmologists

Geometry teachers

Also for cops -- badge numbers. 

I have read a few security specialists say that a system of solid secure PWs written down are far more secure than using the same weak sauce PW over and over.

I find that the best and most secure password is...Sorry, you think that I am stupid enough to tell you?

I recently worked for a large insurance company doing inside IT support, supporting internal technology users. What is frightening to me is that managers set a pin number that a new hire uses to verify themselves when calling in to request ANY kind of password change for any of the 2000+ applications across the corporate network and 99% of the time it is the last 4 of the user's social or simply "1234". And this is a company who constantly works with protected medical data and has to adhere to HIPAA.

" And 3% write their passwords down on a post-it note stuck near their computer – the digital equivalent of leaving your front door unlocked at night."

I disagree with this statement, it's an old school way of thinking about security. I tell my users all the time it's best not to put a post-it note with your password on your screen but if it will get them to have a more secure password then I'd rather they go with the post-it note (but please, at least don't make it visible somewhere in plain site). The real threat isn't someone sitting down at their desk and logging in, it's someone getting in from the outside cracking their easy password. I do ask that they at least right it coded somewhere (if they need to write it at all) but the most important thing is that it is long, complex, and has nothing to do with their lives (or a dictionary word).   

I'd recommand people to keep using personal information,but combine two or even three of them together to create your password.That makes such guessers nearly impossible to hack your account even with your personal information at hand.

@dperkyone

Or even better, put a space or two in it. Repetition is useful too. For example, one of my passwords is a mix of a few passwords I have and repetition, one of the passwords being a simple set of about 10 random characters. It's 36 characters total and according to howsecureismypassword.com, it would take a computer 266 quattuordecillion years to guess it.

Ah yeah.

@kurizhao  Thats when you think you're wily but you really, really, really, really aren't.