Why the Weird Password “ji32k7au4a83” Reveals Hidden Risks in Common Passwords

Earlier we reported on the 2020 "Worst Passwords TOP 200" list, which showed that over 3% of people still use "123456" as their password. A recent discussion on the breach‑tracking site Have I Been Pwned focused on the unusual password "ji32k7au4a83".

Have I Been Pwned provides a "Pwned Passwords" service that records 551,509,767 real passwords exposed in data leaks. Users can query how many times a password has been seen; for example, "123456" appears 23,174,662 times.

Hardware/software engineer Robert Ou noticed that "ji32k7au4a83" had been used 141 times, which seemed odd. The reason is that the string is the Zhuyin (Bopomofo) transcription of the Chinese phrase "我的密码" (wǒ de mìmǎ), meaning "my password".

Zhuyin, based on Zhang Taiyan's phonetic alphabet, was created by the Chinese Phonetic Society in 1913 and officially adopted by the Beiyang government in 1918. Over the past century it has evolved, and today it is still used in Taiwan, Penghu, Kinmen, and Matsu.

Given the prevalence of weak passwords, security experts warn that hackers can quickly crack accounts by matching them against common password lists; studies show that 1,000 accounts can be compromised in about 17 minutes.

To protect your accounts, experts recommend the following three rules when creating passwords:

Password length should be at least eight characters.

Avoid obvious patterns or predictable sequences.

Use at least three character types, such as letters, numbers, and special symbols.

What tricks do you use when setting passwords? Share your tips in the comments.