How to Protect Your Account: Smart Tips and Top 10 Worst Passwords

Did you know that cyber criminals are attacking 214 accounts every second? A reliable password is a surefire way to prevent cyberattacks and bolster your online account security. Let’s talk about the popular methods scammers are using to steal your personal data and how to beat hackers. Also, we’re going to look at the top 10 weakest passwords which even a beginning hacker could crack in seconds. 

  1. How cyber criminals steal your data
  2. How to create a strong password
  3. 10 worst passwords in 2020
  4. Final words

How cyber criminals steal your data

When it comes to security breaches on the web, the main goal of any criminal is to get access to your personal data and, eventually, money. Hackers aim to get access to your personal information, bank accounts, and more. And if you’re using the identical password across several accounts, the damage may increase dramatically. 

As more and more businesses are transitioning online, cyberattacks have become a real threat. According to the FBI statistics, the number of reported cybercrimes has tripled. Hackers are mainly targeting employees working remotely during the Covid-19 pandemic, as well as healthcare and finance companies.  

According to this Data Breach Investigations Report, 45% of cyberattacks have to do with breaking into accounts. In 17% of cases, cyber criminals use malicious software. 22% of attackers rely on the phishing technique, while another 22% of them exploit website vulnerabilities. In 8% of all cases, data leaks occur through the fault of the account owner. Finally, in 4% of cases, hackers threaten account owners with physical violence to get access to their data. Let’s take a look at the 4 most common types of cyberattacks.     


The phishing technique relies on manipulating the user’s sense of trust. You get an email or message from your bank, reputable company, or even a friend. The email asks you to go to a specific website and enter your personal data. Once you enter the required information, it gets directly into the hands of cyber criminals.  

While phishing messages come in all forms and sizes, all of them pursue the same goal which is to make a careless user provide the information voluntarily. To keep cyber criminals at bay, follow these simple rules:  

  • Organizations, companies and social media platforms never ask for passwords or other sensitive data via email. If you got a suspicious message from a company, you need to contact it to make sure the message was sent by them. 
  • Scrutinize the text of the message. Phishing messages tend to contain plenty of exclamation marks and clickbait headlines, e.g. “Urgent!”, “Congratulations on your win!”, “We’re blocking your account”, etc. 
  • When on social media, be careful when dealing with emotional content. Among other things, this can be information regarding sick children, animals in need, etc. The report says that 85% of people posting puppy photos are trying to scam you. 
  • If you clicked on a suspicious link, wait before you enter your personal data. Pay close attention to the website design and address bar. If a website looks amateurish or downright messy, you should better play it safe and leave. Also, you must not trust a website which is not https secure (look at the address bar) or has a misspelled name (e.g., “Ebey” instead of “Ebay”).  

Website weaknesses

If a website is insecure, online scammers can access your personal information by altering its source code. Over the years, hackers have stolen data from dozens of high-end companies, including Yahoo, Zoom, Uber, Under Armour, Twitter, Marriott, EasyJet, and others.   

While businesses take full responsibility for such mishaps, this doesn’t make much of a difference. Data leaks stain the company’s reputation and undermine its clients’ trust.   


When using this method, hackers trick you into downloading malicious software to your PC or smartphone. Sometimes, swindlers demand a ransom in exchange for the stolen data. In 2020, the average ransomware payment grew by 33%, reaching 111,605 US dollars.

Hacking tools

Hackers can also use special programs that help crack passwords. A program like that takes seconds to break a lousy password! If, however, your password is strong and tricky, cyber criminals will have less chances to succeed.    

How to create a strong password

The bad news is that there is no such thing as a 100% secure password. Cracking any password — however strong — is only a matter of time. However, there’s also good news. If you come up with a really good password, hackers will have a hard time trying to crack it. If you’re lucky, they even may give up the idea and leave your account in peace!

What is a “strong password”? Listed below are the main Dos and Don’ts when it comes to creating a password.

What you shouldn’t do:

  • Use words which are common and easy-to-guess (password, iloveyou, unknown, sunshine, myspace, etc.).
  • Use simple combinations of letters and/or digits (abcd, 123456, 123abc).
  • Use characters which are adjacent on the keyboard (qwerty, asdfg).
  • Use recurring letters or digits (aaaa, 555555, 123123123).
  • Use your personal data (your date of birth, your phone number, your child’s name, your pet’s name, etc.).
  • Replace letters with similarly looking digits (“fl0w3r” instead of “flower”).
  • Use the same password across several online accounts.

What you should do

Create a long password (at least 12 characters) containing both lowercase and uppercase letters, as well as digits and special symbols. Here are a few ideas to draw from:   

  • Use your favorite line from a song, book, film, speech, etc. The important thing is that no one must know about it.  
  • Use the first letters of each word in a quote or phrase. For example, you can take the phrase “This is my very strong password for the bank account” and turn it into “tIm%VSp4Tba”. For more complexity, the resulting password has “for” substituted with “4”, as well as two special symbols.  

How do you create and memorize complicated passwords for multiple accounts? One way to go is to use a free password generator, such as NordPass. This smart tool creates unique, strong passwords and stores them in its secure databases. Every time you need to log into your account on a website, NordPass will pick the right password and enter it for you! 

Here are a few more rules to remember to keep your passwords safe:

  • Don’t access your financial accounts when using a Wi-Fi network. There is always a risk that cyber criminals may intercept your sensitive information.
  • Even if you have a strong password, develop the habit to reset it once every three months. 

10 worst passwords in 2020 

NordPass has analyzed 500 million cracked passwords to compile a list of the weakest passwords. Think about this fact: it takes cyber criminals less than a second to break a lousy password! We’ve selected the worst 10 passwords from NordPass’s list. If you’re using one of the passwords below, be sure to reset it immediately.    


This easily hackable password occupies a well-deserved place at the top of the list. Used by 2.5 million people, it was cracked a whopping 23.6 million times. 


This is a “more sophisticated” version of the previous password. However, that didn’t stop online thieves from cracking it 7.8 million times.   


Among the top 10 worst passwords, this is the strongest — if we may say so. Hackers spent 3 hours on the average trying to crack it. Despite containing both letters and digits, this combination is still too weak.   


For some users, the word “password” seems to be the most obvious choice for a password. Accounts protected with this word were attacked 3.7 million times. 


Here is another numerical combination which makes the job super easy for hackers. Remember this: it doesn’t matter how many digits you’re using if they form a sequence! This password fell victim to cyber criminals 2.9 million times.  


A string of identical digits is another favorite combination of careless users. And you know what? Hackers have nothing to complain about! As a result, we’re looking at 3.1 million successful attempts to hack this password.  


A simple combination made up of repeating characters is an easy prey to professional cyber criminals. This is confirmed by 2.2 million successful hacks.    


A staggering 188,000 users chose this insecure combination to protect their account. It was attacked 2.4 million times. 


Using as many as 10 digits doesn’t guarantee that your account is securely protected. Hackers got access to 2.2 million accounts with that password. 


The word “senha” means “password” in Portuguese. Sadly enough, this little trick didn’t save the day. Cyber criminals cracked this password 8.2 million times, only spending 10 seconds on this task.    

Final words

A weak password is most likely to fall victim to cyber criminals. On the brighter side, outsmarting the hackers and protecting your personal data is easier than you might think. Follow the online security checklist below and your sensitive information will be as safe as houses!  

  • Create a unique, strong password for each of your online accounts. 
  • Don’t enter sensitive information on suspicious websites. 
  • Don’t download and install software from untrustworthy sources. 
  • Be careful when using Wi-Fi networks. 
  • Reset passwords every three months. 

Blog editor and content marketing specialist at Logaster. Expert in web marketing and branding. Writes complex concepts with simplicity. Natalia’s articles contain useful guidelines on how to build a successful brand and promote it online.

Full Brand Identity Package

Use the Logaster logo maker to quickly launch your company. Type in your business name and get a professional branding package in 60 seconds! Try us out — it’s easy!

At least 3 characters long.