Saturday, July 05, 2025, 7:01PM | 
MENU
NEWSLETTERS
Pirates trade rumors: What the Post-Gazette is hearing as MLB’s deadline approaches
Will Pennsylvania follow other states in banning fluoride?
Officials: At least 27 people are dead in Texas floods as the search continues for the missing
Congress wrestled over Pell Grants in the big bill. These Pittsburgh-area colleges have the most Pell-eligible students.
How a 'unique' connection with a Penguins scout helped Finn Harding reach the NHL's doorstep
Washington Wild Things, Pittsburgh's other professional baseball team, not afraid to take shots over the bow
Homepage
This Just In
Chats
Weather
Traffic
Event Guide
PG Store
RSS Feeds
PGe
The Digs
Video
Photos
Pitt study highlights importance of studying both sexes
Israeli airstrikes kill 14 Palestinians in Gaza and another 10 die seeking food
Teaching kids 'life-saving' skills for swimming season — and beyond
Officials: At least 27 people are dead in Texas floods as the search continues for the missing
A fragile ceasefire in the Israel-Iran war tests the harmony of Los Angeles' huge Iranian community
Will Pennsylvania follow other states in banning fluoride?
News Home
Crime & Courts
Politics
Education
Health & Wellness
Transportation
State
Nation
World
Weather News
Obituaries
News Obituaries
Science
Environment
Faith & Religion
Social Services
Small ball? Pittsburgh's other professional baseball team isn't afraid to take shots over the bow
''How am I going to do it?' A cardiologist helps nurses eat healthier and take better care of themselves
Robert Stiffler, former Shady Side Academy teacher and athletic director, dies at 91
Brentwood's Independence Day festivities are a long-lasting tradition for many Pittsburghers
Allegheny Intermediate Unit awarded $750K to bolster educator workforce
Congress wrestled over Pell Grants in the big bill. These Pittsburgh-area colleges have the most Pell-eligible students.
Local Home
City
Region
East
North
South
West
Washington
Westmoreland
Obituaries
Classifieds
Public Notices
Off The Bat: Isaac Mattson is this year’s Pirates pitching success story
How a 'unique' connection with a Penguins scout helped Finn Harding reach the NHL's doorstep
Pitt football preview: Led by All-American Kyle Louis, the 'Sharks' circle and look to strike
Small ball? Pittsburgh's other professional baseball team isn't afraid to take shots over the bow
Todd Nelson is surprised he joined the Penguins, too, but the coach is excited to be back
Pirates trade rumors: What the Post-Gazette is hearing as MLB’s deadline approaches
Sports Home
Steelers
Penguins
Pirates
2025 U.S. Open
Sports Columns
Gene Collier
Jason Mackey
Joe Starkey
Paul Zeise
Pitt
Penn State
WVU
North Shore Drive Podcast
Riverhounds
Sports Betting
Fantasy Football
NFL
NHL
MLB
NBA
NCAA
College Sports
High School Sports
Brandon McGinley: Loving your country when it’s hard to
Jonathan D. Salant: Will Trump's deregulation drive raise Pa. highway deaths?
Editorial: Independence Day, a day when friends signed their death warrants
Editorial: Saving Allegheny County finances will require more hard choices, including the choice to pursue growth
Michael Liccione: Ukraine in 2025 is America in 1776
Adriana E. Ramírez: Maybe we should leave before I get deported
Opinion Home
Editorials
PG Columnists
Special to the PG
Insight
Letters
Op-Ed Columns
'It's good to be back!' Oasis sends fans into a 'Supersonic' frenzy as long-awaited reunion tour starts in Cardiff
Review: Samantha Fish rocks for the Samantics at Jergel's
Joey Chestnut reclaims title in Nathan's Famous hot dog eating contest, wins 17th Mustard Belt
Bob Spieler, punk-rock guitarist and pinball wizard, dies at 68
Rory Culkin joins cast of Western Pa.-set Apple TV+ thriller, which begins filming this month
Julian McMahon, star of ‘Charmed,’ ‘Nip/Tuck’ and ‘FBI,’ dies at 56
A&E Home
Celebrities
Movies
TV & Radio
Music
Concert Listings
Theater & Dance
Art & Architecture
Books
Events
Gimme a gimlet! This cocktail is tart, sweet and perfect for summer
Buying here: Music, stone and wood in harmony in Sewickley Heights home priced under $5M
Learn to 'garden to the max' while benefiting wildlife at this summer short course
Isolation increases the risk for premature mortality. Pittsburgh's many social clubs offer a cure.
Brentwood's Independence Day festivities are a long-lasting tradition for many Pittsburghers
''How am I going to do it?' A cardiologist helps nurses eat healthier and take better care of themselves
Life Home
Food
Dining
Recipes
Drinks
Buying Here
Homes & Garden
goodness
Random Acts of Kindness
Seen
Outdoors
Style & Fashion
Travel
Holidays
Pennsylvania hospitals expected to lose out under ‘Big Beautiful Bill’
Johnstown-based CTC secures certification opening door to future contracts
Rural hospitals brace for financial hits or even closure under Republicans' $1 trillion Medicaid cut
With its ‘very welcoming’ atmosphere, Pittsburgh again hosts thousands of furries for Anthrocon
U.S. stocks set another record and yields leap on signals the economy is solid
Washington Wild Things, Pittsburgh's other professional baseball team, not afraid to take shots over the bow
Business Home
Building PGH
Your Money
Business of Health
Powersource
Workzone
Tech News
Business / Law
Other Business
Consumer Alerts
Top Workplaces
MENU
SECTIONS
OTHER
CLASSIFIEDS
CONTACT US / FAQ
Advertisement
Systems increasingly demand a mixture of letters, numbers, punctuation and capitalization for passwords.
1
MORE

This pa$$w0rd is not very secure: CMU studies reveal best and worst in passwords

Paul Sakuma/Associated Press

This pa$$w0rd is not very secure: CMU studies reveal best and worst in passwords

Pittsburgh Post-Gazette logo
Rich Lord
Got a news tip? 412-263-1601
localnews@post-gazette.com
May 4, 2015
7:39 PM
0

The perfect password would be both unpredictable and memorable, but that’s a tough combination, said Lorrie Faith Cranor, director of Carnegie Mellon University's CyLab Usable Privacy and Security Laboratory.

As a leading researcher on passwords, she’s seen thousands of them, and they’re rarely as clever as their creators imagined.

How about 1qaz2wsx? Sorry, that diagonal march down the left side of the keyboard is well known to hackers, who have programs that spit out the most common passwords and test systems machine-gun style.

Advertisement

And if the hacker wants you specifically, they’ll check your social media for, say, the names of your pets.

Surveillance Society: An index to continuing coverage
Pittsburgh Post-Gazette
Surveillance Society: An index to continuing coverage

CyLab student Blase Ur last month traveled to Seoul, South Korea, to present the lab’s most recent paper on passwords. The bottom line: “Random is best, but random is hard to remember,” so it’s important to find the right balance, Ms. Cranor said. “We’ve been looking at what are the ways that you can actually make passwords stronger without actually driving users crazy.”

So what’s good?

Long passwords — 12 characters or more — are much harder to predict than short ones, regardless of their composition, said Ms. Cranor.

Advertisement

Systems increasingly demand a mixture of letters, numbers, punctuation and capitalization.

That’s more secure, but can be far better if the capital letters are not at the beginning and the punctuation is not at the end, she said. If you always capitalize, say, the third letter in your passwords, that quirk can improve security while remaining memorable.

CMU’s studies indicate that exclamation points are the most popular password punctuation, so anything else would probably be better.

Beyond the obvious dumb passwords — 12345678, iloveyou, pa$$w0rd — Ms. Cranor advised to avoid your mother’s maiden name, children’s names or birthdays, or other easily identifiable trivia from your well-documented life. Random words strung together would be better than common phrases.

Technologists wonder whether using fingerprints, faces or devices to log in would help or hurt the cause of data security and privacy.
Rich Lord
If passwords can’t protect your account, can fingerprints do the trick?

“Song lyrics?” she said. “Not such a good idea.”

Rich Lord: rlord@post-gazette.com, 412-263-1542 or on Twitter @richelord.

First Published: May 4, 2015, 7:39 p.m.

RELATED
Political campaigns down to the state House level are targeting voters via social media based on information collected by social media companies and Big Data firms.
Rich Lord and Chris Potter
Political campaigns rely on social media data to target voters
Beyond memory, introducing new ingredients into the current password stew can only increase variety and hamper hacking attempts, according to one expert.
Deborah M. Todd
Can emoji passwords confuse hackers?
SHOW COMMENTS (0)  
Join the Conversation
Commenting policy | How to Report Abuse
If you would like your comment to be considered for a published letter to the editor, please send it to letters@post-gazette.com. Letters must be under 250 words and may be edited for length and clarity.
Must Read
The 50- by- 20-foot swimming pool is on the left in this aerial photo.
life
Buying here: Music, stone and wood in harmony in Sewickley Heights home priced under $5M
Singer-guitarist Samantha Fish plays Jergel's on Thursday.
a&e
Fireworks, the furry parade, festivals and more things to do around Pittsburgh this weekend
Instructor Bre Thomas guides a student with a swim board during the “World’s Largest Swimming Lesson” at Cranberry Township Waterpark June 26.
news
Teaching kids 'life-saving' skills for swimming season — and beyond
From Our Sponsors
Sponsored
Sponsored
Sponsored
Partners
Advertisement
TRENDING
Dennis Santana of the Pittsburgh Pirates pitches in the ninth inning against the Cincinnati Reds during the game at PNC Park on May 21, 2025 in Pittsburgh, Pennsylvania.
1
sports
Pirates trade rumors: What the Post-Gazette is hearing as MLB’s deadline approaches
Sat, Jul 5, 2025, 8:00am Noah Hiles
Students walk across the campus of the Community College of Beaver County in Center Township on Wednesday, Feb. 14, 2024.
2
news
Congress wrestled over Pell Grants in the big bill. These Pittsburgh-area colleges have the most Pell-eligible students.
Sat, Jul 5, 2025, 8:00am Maddie Aiken and Thai Theodoro
Anti-ICE protesters in downtown San Antonio recently. Adriana Ramirez wonders if she leave America now, before she gets deported for getting arrested as a 19-year-old.
3
opinion
Adriana E. Ramírez: Maybe we should leave before I get deported
Sat, Jul 5, 2025, 8:30am Adriana E. Ramírez
The Washington Wild Things and the Joliet Slammers play before a crowd of 1,500 people. The team offers several promotions to draw fans, including $1 beer nights and free tickets for people over 50.
4
business
Small ball? Pittsburgh's other professional baseball team isn't afraid to take shots over the bow
Sat, Jul 5, 2025, 8:00am Joe Lister
Edmonton Oilers head coach Todd Nelson watches his players during the third period of an NHL hockey game against the Minnesota Wild in St. Paul, Minn., Tuesday, Feb. 24, 2015. The Oilers won 2-1.
5
sports
Todd Nelson is surprised he joined the Penguins, too, but the coach is excited to be back
Sat, Jul 5, 2025, 8:00am Matt Vensel
Systems increasingly demand a mixture of letters, numbers, punctuation and capitalization for passwords.  (Paul Sakuma/Associated Press)
Paul Sakuma/Associated Press
Advertisement
LATEST business
Advertisement
Pittsburgh skyline silhouette
Copyright © 1997-2025 PG Publishing Co. All rights reserved
TOP
Email a Story