Top 5 Bad Password Habits

Passwords are undoubtedly the core authentication layer on all of our accounts. Unfortunately, recent statistics have shown that they can get compromised severely due to bad password habits.


An infographic displaying general bad habits of a user when choosing a password for an online account.


  • Using the same password everywhere – Analysts estimate that some 50% of people on the Internet are still using the same password for all of their logins. This is one of the riskiest things you can do online – with massive breaches affecting more consumer websites and services, it’s only a matter of time before one (if not more) of your online accounts gets compromised. If you use the same password across multiple websites, it only takes one website leak for someone to get access to your other online accounts, and jeopardize your identity.
  • Never updating passwords – When was the last time you updated the password for your email accounts? How about your online banking and other financial accounts? Or your social networking accounts? Having strong passwords is just as important as regularly changing those passwords, especially if the same password has been used on more than one account.



  • Having short passwords – Shorter passwords are easier to crack, that’s why you should be using passphrases instead. The longer (and more random) they are, the harder it will be to crack them.
  • Storing passwords in the browser – Storing passwords in your browser might be convenient, but it’s not sufficient to keep your passwords and online accounts protected.  As any vulnerability in the browser/browser extension (plugins/add-on’s) can lead to compromising browser password managers, use a password manager instead!
  • Sharing passwords too freely – At some point you’ve probably had to share a password. It could be a WiFi login with your house guests, or accounts to pay online bills with your spouse, or a login with your business partner. Whatever the case, passwords should be shared sparingly, and only with those you trust. When the person no longer needs the password, it should be updated immediately.

There is no tip-top solution to avoid bad password habits. Writing down passwords and storing them somewhere safe (e.g. in a safe) can have its own down-side as well. Nonetheless, whatever the way you would like to store your passwords – there are certain measures which can help.

  • The foremost thing is to choose a STRONG PASSWORD or should we say: a PASSPHRASE. The following comic strip sums it up well.
Strong password mailfence blog comic


  • Always use a safe (e.g. an encrypted channel) & trustworthy medium (e.g. not known for having/planting backdoors) for sharing your password with someone. If possible, give it to the other party in person.
  • Don’t store written copies of your password (e.g. on sticky notes, your work diary, or on the back of your keyboard). But if you really have to use it temporarily or access it from a written source, be sure to store it in a safe place.
  • Keep in mind the length and complexity of your password. Sites like, and gives you a good password reading on how long it will take to crack your password.
  • Sites like and lets you check if your account has been compromised in various data-breaches. If you think your account has been compromised, reset your password immediately.
  • Before choosing a password, services like allows you to check if the password you are about choose has already been discovered in a data breach.

Above are just few practices which you can apply to protect and safeguard your password.  By doing so, you will be able to reduce the chances of your online accounts getting compromised.

Get your secure email!

Mailfence is a secure and private email-suite.

Follow us on twitter/reddit and keep yourself posted at all times.

– Mailfence Team

Spread the word!

M Salman Nadeem

Information Security Analyst - Security Team | Mailfence

You may also like...

12 Responses

  1. Ram Singh says:

    Sounds great. I would use the suggestion as much as I can. Unfortunately, now a days everyone wants to know our email.

  1. June 5, 2016

    […] Ram Singh on Top 5 bad Password Habits […]

  2. June 5, 2016

    […] Ram Singh on Top 5 bad Password Habits […]

  3. June 5, 2016

    […] Ram Singh on Top 5 bad Password Habits […]

  4. August 29, 2016

    […] Protect your password. Choose a strong password and don’t reuse it.  If you enter your password in some other website and […]

  5. September 28, 2016

    […] account with Mailfence OR any other service, we recommend you to change all those passwords and use different and strong passwords for each of the services you […]

  6. December 1, 2016

    […] un premier temps, choisissez un mot de passe fort et veillez à ne pas le réutiliser. Si vous entrez votre mot de passe dans un quelconque autre […]

  7. December 7, 2016

    […] different logins for each service and secure your passwords: Make sure your passwords are strong and don’t re-use […]

  8. February 2, 2017

    […] criminals: they have the tools and knowledge to crack or guess your passwords (which are probably too simple and weak) in just a few […]

  9. February 7, 2017

    […] a password-change schedule (for e.g. every 3 […]

  10. April 19, 2017

    […] Do not panic!  Stay calm.  We do know it’s easier said than done, but yeah! Before you do anything else, evaluate how much damage is done.  Thus start with checking the security settings to revert any possible changes a hacker may have done:  change of alternate email address?, change of phone number?, TFA enabled/disbaled?, …. Log into your email account; if the hacker changed the password, click the “Forgot Password?” link or its equivalent. Once you have access to your account, change your password right away. Make sure to avoid bad password habits. […]

  11. June 9, 2017

    […] Bad Password Habits – 3 min read […]

Leave a Reply

Your email address will not be published. Required fields are marked *



This site uses Akismet to reduce spam. Learn how your comment data is processed.