Keyboard walking password

Each year security experts plead for the general public to use unique and more secure passwords, but every year we’re reminded that the most-used passwords are awful. A popular trend is known as “keyboard walking,” and while the passwords look strong, secure, and often meet complexity standards, it’s a well-known trick that you’ll want to avoid.

A recent report by WPEngine detailed some of the most common passwords still being used in 2021, and it’s not a good list. These include adding a number to the end, keyboard walking, and other potential security nightmares. Unfortunately, keyboard walking techniques like “123456789” or “qwerty” are still at the top of the list where users walk their fingers down the keyboard.

Researchers found patterns across the keyboard, random letters and numbers, popular bands, clothing brands, and even passwords created out of pure laziness. Here’s what you need to know, what to avoid, and how to create strong passwords.

What Is Password Walking or Keyboard Walking?

Password Walking

We get it. Password creation is a boring part of life we all have to do, often. Keyboard walking is explained as a combination of letters, numbers, and symbols that neighbor one another on a keyboard. This happens on both desktop keyboards or layouts often used on smartphones.

We’re not just talking about easy keyboard walks like “1234asdf” either. People use fancy password walking methods that aren’t any better. A prime example is “1qazxcv”, as shown below. A recent ransomware attack explained by AhnLab revealed an entire company used this method for all administrator accounts, which ultimately got compromised. As you can see, convenience over security can end badly.

keyboard password walking

Many of the top passwords still used to this day don’t include patterns and are even easier to guess. But if you think you’re being clever with a unique keyboard walk, it’s not a good idea.

When users “password walk,” they still create well-known and easy to guess passwords. Unfortunately, most hackers are very aware of this method, and password cracking software often tests for these exact same situations, according to one security expert on Twitter.

Cracking software can try hundreds if not thousands of different password combinations instantly, which is one of many reasons why easy passwords are frowned upon.

Common Keyboard Walking Passwords to Avoid

Common Keyboard walking passwords

It should go without saying, but at this point, you shouldn’t be using any keyboard walking technique to create passwords. Above are a few of the most common keyboard patterns found in a study of 10 million passwords.

Another popular password that looks great at first, but isn’t a good idea, is “Adgjmptw.” That may look like a random string of letters, but it’s generated by pressing two through nine on a smartphone’s dial pad. So yeah, don’t do that.

If you’re using any of the passwords shown above, or resemble one, now would be a good time to change your password.

How to Create Secure Passwords

An illustration of someone changing their terrible password.

By now, you’ve likely heard of a password manager, and if you don’t use one, you probably should. A password manager is a program or app that can store, generate, and manage all your passwords in one place. Additionally, it’ll keep all your passwords under one master password, which will be the only one you’ll need to remember.

Typically, people use passwords that are too short, simple, and easy to crack. Even with an increased awareness of privacy and security among the general public, most still don’t use password managers and choose convenience over security.

Having one master password is only half the battle, too. You’ll want to use a password manager to assist in generating complex and strong passwords to replace your old easy ones, then keep them all safe behind an encrypted database.

You may want to consider paying for a password manager when making the switch. And don’t worry, we put together a list of the best password managers worth trying.

Source link