The Dangers of Online Password Checkers

Recently we helped a non-profit organisation with some IT security awareness training. One of their users’ Facebook accounts had recently been compromised in a suspected case of brute-forcing. This is usually an automated attack in which hackers use dictionary-based software to try to “guess” the password securing the account.

But here is the interesting bit. The user had already used an online password checker to test the robustness of their password. This online tool reassuringly informed them that their password “november2015” would take a whopping four years to hack.

A lot of password checking tools can be dangerous. They work on the assumption that hackers will try every combination of characters. But the fact is hackers are a lot more sophisticated than that. They use databases which concatenate the common words that people use every day.

Here at SecureClick, we recommend you use a password that is both long and random. A password such as “tenerife2016” is not secure because it’s not random enough. However, if I go to, I can generate three random words quickly. For this example, the words “easy”, “soap” and “platform” are generated. Concatenating these random words, I get a nice secure password of “easysoapplatform”. This would be memorable for most users whilst negating the need to write it down or store it electronically.
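To make the gap concrete, here is an added example (not from the original post) that compares the search space a naive checker assumes with the search space of a word-plus-year pattern, and generates a passphrase from random words. The word list, the year range and all function names are constructed for illustration; a real audit would use a much larger word list.

```python
import re
import secrets

# Constructed sample data, standing in for a large common-word list.
COMMON_WORDS = [
    "january", "february", "march", "april", "may", "june", "july",
    "august", "september", "october", "november", "december",
    "tenerife", "password", "summer", "liverpool",
]
YEARS = range(1950, 2031)  # assumed range of years people append


def naive_guess_space(password):
    """Search space a naive checker assumes: every character combination."""
    alphabet = 0
    if re.search(r"[a-z]", password):
        alphabet += 26
    if re.search(r"[A-Z]", password):
        alphabet += 26
    if re.search(r"\d", password):
        alphabet += 10
    if re.search(r"[^a-zA-Z\d]", password):
        alphabet += 33  # printable ASCII symbols, including space
    return alphabet ** len(password)


def pattern_guess_space(password, words=COMMON_WORDS, years=YEARS):
    """Search space for <common word><year>, or None if it is not that pattern."""
    m = re.fullmatch(r"([a-z]+)(\d{4})", password.lower())
    if m and m.group(1) in words and int(m.group(2)) in years:
        return len(words) * len(years)
    return None


def effective_guess_space(password):
    """Use the pattern estimate when one applies, else the naive estimate."""
    pattern = pattern_guess_space(password)
    return pattern if pattern is not None else naive_guess_space(password)


def random_passphrase(wordlist, n_words=3):
    """Concatenate words chosen with a cryptographically secure RNG."""
    return "".join(secrets.choice(wordlist) for _ in range(n_words))


if __name__ == "__main__":
    for pw in ("november2015", "tenerife2016", "easysoapplatform"):
        print(pw, naive_guess_space(pw), effective_guess_space(pw))
```

With this constructed list, “november2015” drops from 36^12 candidate strings to 1,296 word-and-year combinations, which is the kind of difference a character-counting checker cannot see.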

So, the next time you hear a data security expert on Sky News recommending that people use a password checker to check the robustness of their passwords - remember that hackers are smarter than that. Password checkers can be a very crude tool and their results should be taken with a liberal pinch of salt.

