How to create a password that will take millions of years to crack


An online retailer from the UK has revealed the 10 most commonly used passwords, which are so bad they are routinely putting user’s online security at risk.

Retailer has revealed that the passwords could be compromised by a hacker in less than one second.

The passwords include the likes of “123456”, “qwerty”, “111111” and “password”.

According to, people also use passwords that contain things like the name of their pet, children, partner or favourite sports team because they are easy to remember.

However, these kinds of passwords can be just as easy to crack, with hackers increasingly scouring social media profiles to extract information that could have been used in a target’s password.

A spokesperson for AO said there were a few ways in which users could create an almost hack-proof password, which would prevent hackers gaining access to online bank accounts, social media profiles and email accounts.

Instead of creating a password around the name of your pet, you should instead choose three random unrelated words.

“A good example is ‘teabrownpicture’ and it would take 35,000 years to crack. Adding a number to the end of the three random words ups the ante to 227 million years,” AO told Mail Online.

The news comes after users were told earlier this year that everything they had ever been told about creating a strong password is wrong.

The stark warning came from Bill Burr, who wrote a guide on creating passwords for the National Institute of Standards and Technology in 2003.

Mr Burr warned that if you followed the guide to day you are likely to be vulnerable to hackers.

“Much of what I did I now regret,” Burr told the Wall Street Journal.

The guide recommended changing passwords every 90 days and using mixture of upper and lower case letters, numbers and characters.

However, by following this advice, users created the same predictable passwords that were easy to guess, Mr Burr said.

For example, something like “Pa55word!” follows Burr’s guidelines but isn’t very secure and is very easy to guess.

Now the National Institute of Standards and Technology has set more modern guidelines which says passwords should be long and easy to remember and should only be changed if you think they have been compromised.

Instead of creating a password, opt for a passphrase that can be long but easy to remember.

The easiest passwords to crack

  • 123456
  • 1234567890
  • 123456789
  • 1234567
  • qwerty
  • password
  • 12345678
  • 123123
  • 111111
  • 987654321

Words to avoid in your password

  • Your name, partner’s or pet’s name
  • Your pet’s name
  • The name of the street you grew up on
  • Your favourite place to go on holiday
  • Favourite sports team

Comments are closed.