Home

Secret123

Secret123 is a commonly cited example of a weak password used in computer security literature to illustrate the dangers of predictable credential choices. The phrase combines an English word with the sequential digits 123, a pattern that is quickly ruled out by attackers using basic dictionaries and brute-force techniques. Because of its simplicity and predictability, Secret123 offers little resistance to password-guessing attempts and is routinely discouraged by security guidelines.

In practice, Secret123 has appeared in password lists and breach analyses as an archetype of insecure credentials,

Mitigation and best practices emphasize creating longer, more complex credentials or, preferably, using a password manager

alongside
other
well-known
weak
patterns
such
as
Password123
and
Qwerty123.
It
is
often
used
in
educational
materials
to
demonstrate
how
simple,
common-form
passwords
can
be
compromised
and
to
motivate
the
use
of
stronger
authentication
practices.
Security
researchers
and
administrators
may
reference
this
and
similar
examples
when
illustrating
the
limits
of
simple
passwords
and
the
value
of
better
practices.
to
generate
and
store
random
passwords.
Recommendations
include
using
a
minimum
length
of
12
to
16
characters,
avoiding
common
words
and
predictable
sequences,
and
enabling
multi-factor
authentication
where
available.
Regularly
updating
passwords,
unique
credentials
for
each
service,
and
monitoring
accounts
for
unauthorized
access
are
also
advised
to
reduce
risk
associated
with
weak
passwords.
See
also
password
strength,
credential
stuffing,
and
multi-factor
authentication.