The term “password walking” refers to passwords formed from keys located close to each other on a keyboard. Many people use passwords like this because they are convenient to enter and remember. But these types of passwords, while they provide some protection, are far from being secure. Many hackers are aware of the human tendency to rely on easily recalled passwords, and can readily exploit these common “walking” patterns.
According to SecurityMagazine, a recent study by Virginia Tech and Dashline on over 61 million leaked passwords has revealed many of the most common password patterns. Some of the most common examples of password walking include 1q2w3e4r or zaq2wsx. Every keypress is adjacent to the one before it, and both of those passwords can be entered quickly using only keys on the left edge of the keyboard. Some people may get a false sense of security from this, thinking these are just random letters and numbers, but these passwords are not at all random.
This study also revealed that many brand names, as well as pop culture- and sports-related passwords, are being used. These include everything from cocacola to pokemon and even liverpool. It should be obvious that none of these is a good choice for a password. Any popular or commonly used word—and any recognizable variants—should be avoided when creating a password.
It is important to remember that cyber-criminals are quite aware of these common techniques that people use to create their passwords. Since walking a password does not create a string of random characters, these passwords are just as easy to break as the names from pop culture. The time and effort you save by using weak passwords is not worth what could be lost when your account is hacked.
The best practice is to use passwords that are genuinely random and unique. You should try to go beyond the requirements that are typically enforced for passwords. This means having more than 8 characters, using a mix of characters and symbols, and avoiding common phrases and names. Each password you create should be different from those used on other websites. A password manager can be a great tool to create strong passwords and keep track of them.