6. Using Personal Info That’s Easy to Guess
If your password includes your pet’s name, birth year, or favorite sports team—stop right now. Social engineering attacks use publicly available data to guess passwords with shocking accuracy.
Hackers often scrape your social media, public databases, or even breaches that include personal info to build these guesses.
Fix: Avoid anything tied to your identity. Use passphrases unrelated to your life—like “BlueCactus!8MoonJump”.