ItsGeekToMe.co

The official home of It's Geek to Me on the web!

Issue #951: October 12-18, 2025

“Insanity is doing the same thing over and over and expecting different results.”
                                 – Rita Mae Brown (though often misattributed to Albert Einstein)

 • • •

This quote is perhaps somewhat overused, but my dear Geeks, let me tell you, it is still absolutely relevant in the realm of cybersecurity, particularly in the way many choose to handle passwords. 

For years, we’ve been told to change our passwords regularly (every ninety days is good) and to use passwords that are a jumble of special characters, numbers, and mixed cases.  Words from the dictionary are a distinct no-no, as are portmanteaus of past or present pets, children or spouses, not to mention special dates such as birthdays or wedding anniversaries.  The reason?  All of these, no matter how clever you think you are, are guessable with little or no work on the part of a skilled, determined hacker. 

Despite all the warnings, for years, people have used various perturbations of things like the word “Password”, often changing a single letter to a capital, or pulling the extra-sneaky trick of adding a “1” to the end (yeah, they’ll never guess that!), or, for those ultra-hip tech types, replacing the a with an @ or the o with a zero.  People repeat the same fundamental mistakes and craft perfectly guessable passwords.  They use the same predictable pattern and yet expect different security results.  And that, fellow Geeks, is indeed digital insanity.  The stark truth is that the playing field has changed, and it’s high time our habits caught up.  So, because many still believe security means taping a list of passwords under your keyboard or keeping dozens of 3×5 cards in a file box next to your computer, we need to have a serious talk. 

When it comes to password management, the bad habits can generally be traced to one root cause: a preference for convenience over security. This encompasses everything from sheer laziness at maintaining passwords to an inability to remember the dozens of passwords we need to navigate modern digital life.  This convenience takes many forms. First and foremost is password reuse. This is arguably the most dangerous habit in the digital world. Remembering a unique, complex string for your bank, your multiple email accounts, all your social media, and the countless shopping websites you visit can feel impossible. It’s far easier to use the same one. The problem? Data breaches are a certainty, not an if. When one site inevitably gets hacked, and its database of usernames and passwords is sold on the dark web, attackers will use automated tools (an attack called credential stuffing) to try that same combination on hundreds of sites, not the least of which are your email, Amazon, Google, major credit card and bank websites. When the same key unlocks every door, the lucky hacker can pick and choose what they steal.

The second bad habit is using easily guessable information in or as your passwords. I mentioned some of them above.  Studies have shown that a remarkable number of people use “password,” or “QWERTY” or “123456” as a password.  I can’t help but wonder whether they think this is somehow secure, or unlikely to be guessed.  But those who make their living stealing from others don’t just guess manually.  They use massive dictionaries of commonly used terms, sequential numbers, and public information scraped from your social media profiles. And you know those inane Facebook posts that ask you to answer a bunch of personal questions just for fun?  These are actually information gathering tools that help build a profile on you.  For more information on this topic, see I.G.T.M. Issue #500, Feb 19, 2017. (A little dated, but still highly relevant.)  So, you might think you’re clever using your dog’s name followed by your birth year as a password, but I’m telling you, it would probably take a modern computer only a few seconds to crack it.
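For the technically inclined, here is how a website's sign-up form can screen for the habits described above. This is an example added for illustration, not code from this column: the tiny denylist is constructed sample data, the function names are made up, and the swaps for 3 and $ go beyond the two (@ and zero) mentioned earlier.

```python
import re

# Constructed sample denylist; a real screen would load a large breached-password list.
COMMON = {"password", "qwerty", "123456", "letmein"}
# Undo the swaps the column mentions (@ for a, zero for o); 3 and $ are added assumptions.
LEET = str.maketrans({"@": "a", "0": "o", "3": "e", "$": "s"})
# Runs of digits, keyboard rows and the alphabet.
SEQUENCES = ("01234567890", "09876543210", "qwertyuiop", "asdfghjkl",
             "zxcvbnm", "abcdefghijklmnopqrstuvwxyz")


def normalise(pw):
    """Lower-case, drop trailing digits and punctuation, then undo character swaps."""
    base = re.sub(r"[\d\W_]+$", "", pw.lower())
    return base.translate(LEET)


def weaknesses(pw, personal=()):
    """Return the reasons a candidate password is guessable (empty list: none found)."""
    reasons = []
    lowered, base = pw.lower(), normalise(pw)
    # "Password1" and "P@ssw0rd" both reduce to "password".
    if lowered in COMMON or base in COMMON:
        reasons.append("common password or a simple variation of one")
    # Sequential numbers and keyboard walks, with or without a digit tacked on.
    if any(len(c) >= 4 and any(c in seq for seq in SEQUENCES)
           for c in (lowered, base)):
        reasons.append("keyboard or number sequence")
    # Pet names, family names and the like, supplied by the caller.
    if any(len(t) >= 3 and t.lower() in base for t in personal):
        reasons.append("built from a personal detail")
    return reasons


if __name__ == "__main__":
    for candidate in ("Password1", "P@ssw0rd", "12345678", "Rex1987", "vT9#kq2LmZx8"):
        print(candidate, "->", weaknesses(candidate, personal=("Rex",)) or "no issue found")
```

An empty result only means the password avoided these particular patterns; it does nothing about reuse across sites.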

I’m out of room for this week, so I’ll continue this discussion in the next exciting issue of It’s Geek to Me!  Don’t miss it.  In the meantime, why not visit my website and drop off a question for me while you’re there?  I’ll admit, it’s a lot more fun to answer reader questions than it is to yell at you about your (likely) poor password management habits.


To view additional content, comment on articles, or submit a question of your own, visit my website at ItsGeekToMe.co (not .com!)



Copyright Notice

All content on this site is Copyright © 2007-2025 by Jeff Werner – All rights reserved.