Skip to content
Naked Security Naked Security

World Password Day – what (NOT!) to do

Yeah, yeah, yeah... we really ought to get around to picking proper passwords for everything - and here's why!

Today is World Password Day, and that means it’s a day that’s all about caring and sharing…


We made a short video to catch your attention:

(Watch directly on YouTube if the video won’t play here.)

None of the passwords in the video seem truly terrible – there’s no 123456 and no password, after all.

But all the passwords you see in the video are easily guessable, even though most of them aren’t dictionary words, and all of them come from a recently released list of the top 100,000 passwords.

So don’t take password shortcuts to save a few seconds a day in your digital life – if you’re serious about keeping the crooks out, don’t make it easy for them to get in!

Our recommendations are:

Happy World Password Day – and stay safe out there!


(Audio player above not working? Download MP3, listen on Soundcloud or access via iTunes.)


stop using passwords you fools!


If biometrics aren’t secure, and a single point of failure (cell phones) for 2FA is a bad idea. What about a secret code locked in my head? Its not device dependent – it is multi platform!


True… if you can devise and remember good passwords for dozens of sites, of course.

Most people can manage to devise and remember one solid password for their password manager… but prefer to let the password manager take care of all the other complexity.

And your mobile phone needn’t be a single point of failure for 2FA. In six years of using 2FA (and I like to log myself out every day so I do the 2FA dance regularly) I have been “locked out” exactly twice. Once I left my phone at home so I used a backup code I had prepared earlier and learned not to forget my phone again. (So far, I haven’t!)

The other time, my closest mobile transmitter was damaged in a storm and shut down, so I walked 2km down the road to my favourite coffee shop – where I was planning on going anyway – and found that the mobile signal there was at full power.


? full whack? meaning NOT working? or Working Fine? Don’t use slang when English will do.


Full tilt, full bore, full on, full power…

…in other words it was running at 100%, working just fine, performing AOK, going at top speed.

Sometimes we allow ourselves to be a little bit conversational in the comments :-)

I have, however, edited the comment for clarity because I note that although “full whack” appears in my Oxford Dictionary of English it is omitted from my New Oxford American Dictionary.


BobK, you’re nitpicking; context would’ve gotten you there.
But I upvoted you for comedy value.


It is mostly a habit to pick-up, I started to use a password manager some years ago, mostly because I started to use different passwords for every service and quickly realizaed it would be stupid to keep them all in an office doc, xls or txt, so, after the first entries it became easier each time, now I have a multi-lenguage die passphrase xls complete with special charachters and all. At first when I started using the die passphrase generator my partner said I was “nuts” but after he realized all of his emails had been compromise in more than one data breach, he is now adopted use of his password generator and manager. – Be patient, and always remember that you are taking that extra step to protect yourself, family and place of work. If not for anything, at least for “better safe than sorry”.


Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!