Want to know the passwords Hackers guess first?

When it comes to creating a password, chances are you focus on devising a combination of letters, numbers, and symbols that we will always be able to remember.  We all hate having to remember all of our passwords; or even worse having to go through the “Forgot Password” process every time we go to a website.  We just want to be able to get to our information and HOPE that it’s secure.

According to technology expert Burton Kelso, it is human nature to fall into a predictable routine of creating passwords. “We tend to create passwords based on things familiar to us such as common words, names, and locations,” he explains. “Then we try to make things complicated for a hacker by adding a capital letter, a number, or a special character.” However, unless we come up with unpredictable passwords, we are giving hackers an easy way to break into our accounts.

But, as they say, knowledge is power. To stay safe online we want you to know these common methods and passwords the bad guys will use in order to get their hands on your personal information.

They start off with a password list

Kelso explains that there are several websites that offer “popular password” lists. While the intention of most of them is to encourage people to shy away from the most commonly used passwords, they are a great starting point for hackers. Mark Burnett, a security consultant and researcher, recently published 10 million passwords on his website in order to provide a better understanding of how people formulate passwords. However, it also gives hackers a really good place to start. And yes, this is a big deal: These are the alarming things a hacker can do with your email address.

Sequential number combinations

According to SplashData, which released a list of the top 100 worst passwords of 2019, many of the top 10 passwords—a whopping seven, in fact—included simple number combinations of 1 through 10. These all made the list: 123456, 123456789, 1234567, 12345678, 12345, 111111, and 123123.


SplashData also revealed that “qwerty” is the most popular letter combo for passwords. However, “qwerty1243” and “qwertyuiop” also made the top 15. While it might seem random to you, running your fingers along the top line of your keyboard is totally predictable to a hacker. How will you know if you’re at risk? Look for these 16 clear signs you’re about to be hacked.


Whatever you do, avoid using the word “password” in your password. While the word itself is one of the worst you can choose, many other configurations of the word with letters and numbers are also on hackers’ go-to lists.

Common phrases

Try to avoid any common words or phrases. For example, “iloveyou” made the top 10, while “lovely,” “princess,” and “dragon” were incredibly popular, as well. Hackers will also try common words with all of the common substitutions, according to Kelso, like January and january or October, october, and 0ct0ber.

Pet and family names

According to Google, never, ever, include your pet’s, child’s, or spouse’s name in your password. If a hacker is privy to any of your personal information, they will definitely check your loved ones’ monikers to try to break your code. One infamous hacker learned this the hard way after authorities broke his code: Chewy123. It was his cat’s name, followed by sequential numbers.

Significant dates

Your birthday, anniversary, or the birthday of a loved one can seem like an obvious password choice to you. After all, you will never forget it. But because it makes sense to you, hackers will also be able to figure it out pretty easily if they have access to your personal information, according to Google.

They will try the dark web

Sometimes your old passwords can leak onto the dark web—that part of the Internet not visible to search engines. Skilled hackers will search there, says Kelso, and if they find any, they will try using them. This is one of the reasons it is in your best interest to change your passwords frequently. So, what sorts of things can hackers break into? Here are 17 everyday things you didn’t know could get hacked.

They will create bots

If they have gone through all their resources, hackers have one final tool to break your code: They can create a bot that will try every possible combination. “Keep in mind, modern computers can make password guesses from 10,000 to over a billion guesses per second,” Kelso explains.

So what are the best passwords, anyway?

While there is no “perfect password” in order to break the cycle of creating weak, easy-to-guess passwords, Kelso maintains that the best type of password to keep hackers out of your stuff is a passphrase.  Some examples of passphrases are “stinkychicken” or “spangledbloatedowl.”  It should STILL be something you can remember without writing down or storing anywhere.

If you ABSOLUTELY feel that you must “store” your passwords then you can also opt to have your computer generate random passphrases and store them on your computer—in a secure spot, of course (like LastPass)

Dear student

If you’ve gotten this far, you’ve done a great job in information gathering in a Black Box test. Remember everything you’ve learned, including how to research will be used to get to the goal of accessing my desktop. <-start here!