SecurityCARROT.com by Erix Toh
2 min readSep 4, 2022

The problems of our password

Everyone is no stranger to passwords. It is used almost everyone before accessing sensitive digital places and websites. However we hav been using passwords at a wrong way. That’s why many complimentary secured addons are created for our security - additional authentication token, one time password, separate authorisation links and etc. But what’s wrong with our passwords?

  1. The strong password we build. We have always thought using personal things to build our password is strong. Example birth date, pet's name, hobbies, favourites, etc. In fact all our personal attributes could be available almost everywhere that you know and also don't know. The more interesting part is others already know your personal attributes. That's how your password are broken if you use personal attributes for them.
  2. We have exposed our own password. We worry about forgetting too many passwords. That’s why we like to record our password for future reference in case we lost those memories. Many ways used differently such as paper, digital notes, password management tools, etc. But today all this ways are weakened and vulnerable. For example password on paper got recorded unintentionally into camera. Our password no longer private.
  3. We actually never change password. Everyone may know to change password regularly. But how do we change to a new password. It is not surprisingly most may change last few or one character of the password to ease remembering them. Another common ways are swapping the passwords between non sensitive and sensitive platforms. All this ways looks changing the password frequently but in a bad way and very vulnerable.

What do you think our problems of password and how could we do better password? Let’s put some deeper thoughts for our coming talks. We believe there are more creative ways to do strong password while having them friendly but privately secured.

About the author:

Erix Toh Shang Yee has been in cybersecurity spaces for more than 28 years. Through diversified information security experiences in banking, electronic commerce, payments, fintech, insurance and investment industries, SecurityCarrot is his initiative to share insightful thoughts and ideas to live with cybersecurity a much better way while continue enabling your current priorities and objectives.

Linkedin Profile:

https://www.linkedin.com/in/tohshangyee

SecurityCARROT.com by Erix Toh
SecurityCARROT.com by Erix Toh

Written by SecurityCARROT.com by Erix Toh

0 Followers

Erix Toh Shang Yee has been in cybersecurity spaces for more than 28 years. SecurityCARROT.com is his initiative to share different insights to stay secure.

No responses yet