Tech Made Simple

Hot Topics: How to Fix Bluetooth Problems | How to Cut the Cable Cord | Best Fitness Trackers Under $50 | Complete Guide to Facebook Privacy

Top News Stories

author photo

Quiz: Can You Spot the Strong Password?

by on June 10, 2016
in Computer Safety & Support, News, Computers and Software, Blog :: 3 comments

Quiz: Can You Spot the Strong Password?

Big stories about hack attacks and password thefts have kept internet security in the public eye—which means we all know how important it is to have strong passwords to keep our online accounts secure. And while we all try to use tough-to-crack passwords and make every password unique, part of the problem may be that we don't entirely know what makes a password a good one.

According to a recent study by Carnegie Mellon University's CyLab, just 79% of us are able to pick out strong password. While that's a pretty high number, it still indicates we don't necessarily get what makes a good password. Study participants were asked to look at 75 pairs of passwords and say whether one was stronger or both were about the same. You can take an abbreviated version of the quiz (with just seven questions) online to see how you stack up to the study participants—do you know a good password when you see one?

If you don't, that's okay, because the mistakes people made in this study can teach us all how to make better passwords. Cylab is currently working on a password tool that will provide feedback how strong your passwords are so you can learn to make better ones—but it's not due out until the end of the year.

While we wait, we can take the lessons from this study and start making better passwords today. Let's start with a refresher on the password basics we should all know:

  • Make sure your passwords are at least 12 characters long.
  • Add numbers, capital letters, and symbols to make your password stronger.
  • Don't use personal information, like family names, birthdays, or anniversaries, which are easy to guess.
  • Making your password an acronym for a phrase rather than words out of the dictionary can make it both strong and easy to remember.
  • Never use the same password for more than one site, which could compromise all of your online accounts if one site is hacked.

But the study results taught us a few new tricks: primarily that making a good password is all about unpredictability. If you're using passwords or password creation techniques that are common, your passwords are easier for thieves to crack. Here's what we've learned.

  • Using uncommon words and phrases makes a stronger password than common words. The sample quiz compares "iloveyou88" to "ieatkale88." The latter is a stronger password because it doesn't use common words or phrases. The more unusual the words, the better the password!
  • While adding numbers does make your password more secure, it's common for people to add numbers to the end of a password, and that can make it easier to crack. Put numbers in the front or the middle to make a better password.
  • Replacing letters with numbers or symbols seems like it would make a better password, but some substitutions are so common that it doesn't make much difference. Instead of swapping "i" with "1,"consider using a capital letter "i" instead.
  • Capital letters mixed into your password make it a lot harder to crack as long as you're not just capitalizing the first letter—again, because capitalizing the first letter is common.
  • Avoid creating your passwords based on keyboard patterns—for example, "qwertyuiop" may be a password that looks random, but it's just typing out the top row of letters on your keyboard. Patterns like that are easily guessed. 

But how are you supposed to keep track of all of these complicated passwords, especially when you need a unique password for each site? We use password vaults—software that securely stores our passwords so we never forget. LastPass is our favorite. This app for Mac, Windows, iPhone and Android remembers and organizes all of your passwords—and even has browser plugins (for Chrome, Firefox, Safari and Internet Explorer) to enter your passwords without any hassle.

[Image Credit: strong password concept via Shutterstock]

Discussion loading



From Andrew Prakken on June 10, 2016 :: 11:14 am

Make sure your passwords are at least 12 characters long.
Add numbers, capital letters, and symbols to make your password stronger.
That is great to mention this, but I’ve tried to use, especially the second line, but then the reply comes back that you cannot use any symbols. So it seems these corporations are not up to date in their password settings. Even my own bank, which is one of the 5 big Banks in Canada will only allow 6 Characters and only letters, JS




From Jay on June 10, 2016 :: 11:30 am

I know it would be a hassel but I would get a different bank. Why take chances?


ID federations are not a silver bullet.

From Abbe Sillie on June 11, 2016 :: 10:58 pm

With caveats, though.  ID federations (single-sign-on services and password managers) create a single point of failure, not unlike putting all the eggs in a basket.  It remembers all my passwords when un-hacked and loses all my passwords to criminals when hacked.  It should be operated in a decentralized formation or should be considered mainly for low-security accounts, not for high-security business which should desirably be protected by all different strong passwords unique to each account. Needless to say, the strength of the master-password is crucially important.

At the root of the password headache is the cognitive phenomena called “interference of memory”, by which we cannot firmly remember more than 5 text passwords on average.  What worries us is not the password, but the textual password.  The textual memory is only a small part of what we remember.  We could think of making use of the larger part of our memory that is less subject to interference of memory.  More attention could be paid to the efforts of expanding the password system to include images, particularly KNOWN images, as well as conventional texts.


© 2015 Techlicious LLC. Home | About | Meet the Team | Sponsorship Opportunities | Newsletter Archive | Contact Us | Terms of Use | Privacy Policy

site design: Juxtaprose