Think you know AARP? What you don't know about us may surprise you. Discover all the 'Real Possibilities'



Contests and

Dream Vacation Sweepstakes

10 weeks. 10 amazing trips. Seize your chance to win!
See official rules. 

Driver Safety

Piggy bank on the road - AARP Driver Safety

Take the new AARP Smart Driver Course!


AARP Foundation Tax-Aide

You can get free, face-to-face tax assistance nationwide.

Money Matters Tip Sheets

Download and print out these PDFs to help with your financial matters.

AARP Books

Visit the Money Section

Enjoy titles on retirement, Social Security, and becoming debt-free.


Learn From the Experts

Sign up now for an upcoming Money webinar or find materials from a past session. 

Jobs You Might Like

most popular


Scam Alert

Bad Passwords

Make your code hard to hack, easy to recall

En español  |  It has happened again: A hacker allegedly stole — and published — almost a half-million usernames and passwords from Yahoo this week.

This incident comes on the heels of a similar one at LinkedIn last month, when some 6 million user passwords were stolen.

Sign up for the AARP Money Newsletter.

letterpress password, avoid bad password yahoo thef

Don't use the word password as your password. — Istockphoto

What's a computer user to do?  While you can never be completely secure, tech experts say you're less vulnerable if you have a difficult-to-hack password. Here are some things to keep in mind:

If "password" is your online password, you're in good company … and that's bad. As the single most popular log-in used to access online accounts, it's also the one most easily hacked by cybercriminals.

Changing the "o" to a zero — "pass-w0rd" — is not much better. It ranks as the 18th most common, according to SplashID, a company that produces password management software. And with more websites now requiring passwords to include both letters and numbers, you may think you're safe with "abc123." Think again. That password ranked fifth.

Some new trends have popped up in SplashID's analysis of millions of passwords. Joining the longtime "don't use" password "qwerty" — the top left letters on a keyword — is "qazwsx," a top-to-bottom sequence on the left. There's also increased use of common names. Officials, however, are baffled by the popularity of "monkey" and "shadow."

But what's clear is that using any of these passwords significantly increases your risk of identity theft. Although cybercrooks sometimes apply sophisticated hacking software, they're more likely to depend on the old-fashioned method: repeatedly trying common passwords to log into your account.

Here's how to make passwords harder to hack yet easier to remember:

  • Go long. Use at least 12 keystrokes. One study shows that a good 12-character password would take hackers more than 17,000 years to crack.
  • Mix it up. Use upper- and lowercase letters, spaces and underscores, and symbols like @ and %.
  • Finesse your favorites. For easier recall, base your passwords on foods you like, TV shows or first letters of a song, but with tweaks, symbols and conscious misspellings.

Whatever you choose, use different passwords to access online financial accounts, email, social networking and even to post comments on websites. Consider changing them every 90 days or so.

To gauge password protection, go to and select "Create Strong Passwords."

Sid Kirchheimer is the author of Scam-Proof Your Life, published by AARP Books/Sterling.

You may also like: Passwords in trouble.

Topic Alerts

You can get weekly email alerts on the topics below. Just click “Follow.”

Manage Alerts


Please wait...

progress bar, please wait

Related Video

Can't remember your passwords? It may not be funny to you, but stand-up comedian Don Friesen offers a one-size-fits-all solution.

Tell Us WhatYou Think

Please leave your comment below.


Discounts & Benefits