Why Passwords are Bad for Data Security

Did you think using a password was enough to protect all your personal and financial information? Think again.


The primary reasons why Passwords are a bad bet in the world of data security are:

  • Badly chosen combinations – Most people choose passwords which are combinations of phrases and numbers somehow related to their identities. This makes it easier to guess what the password it, when you have the relevant personal details. Even less secure passwords are frequently used, like names of characters, movies and TV shows!
  • Frequently forgotten or lost passwords – Those who go a step further and use complex character combinations as passwords often forget them, having to reset the codes time and again. It’s either highly inconvenient or open to interception when you keep resetting frequently used passwords.
  • Noted down in accessible locations – Creating strong passwords only to forget them is bad, but what is worse is noting down those passwords on a sticky note or the back of a flyer! You are just making it easier for someone with physical access to those to compromise your accounts.
  • Common passwords for multiple services – Using the same phrases or character combinations for securing accounts on multiple services like Email, Online Banking, Social Networking sites etc. increases the chances of getting sensitive information broken into. This tendency is inevitable for most people, and at least the logic used behind almost all passwords remains same – abc123, 1a2b3c, 123abc, pqr456, p4q5r6 etc.
  • Interception using Malware – Getting malware onto users’ machines as well as unsecured local area networks (LAN) makes it possible for hackers to intercept the information you type into password boxes via key loggers and IP sniffing tools. This would make even the strongest passwords worthless.
  • Hacking of Password database servers over the internet – In the past few years we have read reports of how servers of Sony PlayStation and other online services got hacked, followed by public release or exploitation of financial information of the customers leading to losses of several millions of dollars. Such large scale compromise makes any efforts you employ in securing your own account meaningless.

After reading all that, you must be quite anxious about how you can actually protect your sensitive information. Read about “Google working on replacing Passwords with Hardware Identification based Passkeys” to assuage your concerns.

Have you ever been hacked? Please share your experiences with us via comments below.

Share Feedback We Want to Hear From You