You’ve been there. Staring at a password entry screen, wondering what your password for that website was. Heads up, though. If you can guess your password, so can everybody else. And some of them won’t be too nice about it.
As a pair of just-released studies show—one by Comparitech, released on November 6, 2025, and one by NordPass, maker of the excellent NordVPN—NordPass brings up an interesting idea: What if websites just blocked specific terms from being used as passwords?
Dashlane (opens in a new window)
Available at Dashlane
Buy Now (opens in a new window)
Solving the password problem
“The internet teaches us how to log in, and for decades, it’s been teaching us the wrong lessons,” Karolis Arbačiauskas, head of product at NordPass, told TechRadar. “If a site accepts ‘password123,’ users learn that’s enough, and it’s not.”
That brings up an interesting point. There are already loads of websites that set terms when it comes time to create a password for a new account. Many make you use a password of a certain length, although it’s almost always an insufficient number, such as six or eight characters.
Then others make you use special characters, such as $, !, @, and the like. Basically, any symbol found on your keyboard that isn’t a letter or number. That’s better, but still not enough to keep somebody from sticking an exclamation point on the end of “password1234.”
Couldn’t a website ban the creation of any password composed, in whole or in part, of “password,” “admin,” “login,” or “123?” That alone would weed out nearly all of the top 20 most common passwords in breaches, as Comparitech found in analyzing two billion password breaches in 2025 alone.
What you need is a password manager. These apps generate incomprehensibly complicated, hard-to-crack passwords—one unique password per account or website. And because they’re purposefully incomprehensible, sometimes up to 64 characters long, they remember them for you.
I highly recommend using one, whether or not you’ve ever used “admin1234” as your password.
Proton Pass (opens in a new window)
Available at Proton Pass
Buy Now (opens in a new window)
The post What if the Answer To Bad Passwords Is More Websites That Won’t Let You Use Them? appeared first on VICE.
