Who stole my password?

Posted by

I’m sure you might be saying what a ridiculous title this is. Well, just hang on. Have you ever gotten funny and sometimes irritating messages on Twitter, Facebook and even your email from a friend? The content of the messages are sometimes like “Hi, someone is saying horrible things about you…” Then you see some weird links to click.

And when you tell your friend about it, he/she denies sending such messages to anyone. Many times, these messages are sent to everyone on your friend’s list. It is simple: your friend’s Twitter/Facebook account has been compromised (hacked).


Your account can be compromised in several ways and one of the easiest ways is through the password you selected. Last week, a Yahoo database server was compromised and over 400,000 passwords of users were pasted on the internet. An analysis of the top passwords used by the Yahoo subscribers as pasted online is shown below:

Password Used
Number of Accounts with this Password

Source: http://eset.se

This may sound really outrageous but it is possible that your password is just as simple as these ones. It’s also common for people to use their names, spouse name, date of birth, family member’s name, car type, favourite actor, favourite colour and even pet names as passwords, but this is so RISKY. Anyone who is intent on hacking into your facebook account, mail box, online banking account will probably first try some of these common passwords and many times will be successful at it.

Now, how do I select a good password? A good question you will ask. There is no right or wrong way of selecting good passwords. However it is important that your password is not as cheap as the ones above and also not too hard for you to remember. I learnt an easy way some time ago and I think it may be useful to you too.

Steps to Selecting a Good Password

  1. Choose a random phrase or sequence of words that you can EASILY remember. E.g a favourite childhood song/poem – “twinkle twinkle little star, how I wonder what you are”.
  2. Pick out the first letter(could be any letter) of each word in the phrase – ttlshiwwya
  3. Add numbers randomly to the new pass-phrase -1ttlshiwwya2
  4. Alternate the new pass-phrase in upper and lower caps as you wish -1TtlShiWwyA2
  5. Add symbols and punctuations to make it more difficult -1TtlShi#WwyA2*
  6. And there you have it; your new password is 1TtlShi#WwyA2*

This password is definitely a hard one to break and it’s quite easy to select. By the time you try this password two to three times it will stick into memory. You can use this simple method to select passwords for your other accounts by simply varying the letter picked in each word of your phrase (first, middle, last letter). It is important NOT to use the same password for multiple accounts and do not write it down or stick it on your system for any reason. Also, ensure your password is a minimum of eight characters long and try to change each password after 30 – 60 days of using it.

This might be really simple for some people but I can assure you it can be very useful for others. Please note that the password generated in the example above is for illustration purposes ONLY.

Stay safe…on the Internet.


  1. Good tips there, most people choose 123456 so that they can easily remember it instead of some complicated passwords that they’ll end up forgetting in the long run.

    Another tip you should have added is that you should not write down the password where it is easily accessible to anybody other than yourself.

  2. When you start having up to six online accounts, you may start having issues with that method. An efficient addition could be to download an app that manages all your login details and select a very strong master password. Its not gonna be easy to keep multiple passwords in your head.

  3. /+/
    be to download an app that manages all your login details and select a very strong master password.

    my thoughts exactly.

    was using HackProof Password on Symbian.

    Now, I use Clip Ninja on Android..

Leave a Reply

Your email address will not be published. Required fields are marked *