No one intentionally chooses a bad password.
Most people choose bad passwords because they are easy to remember...BUT would you leave your car unlocked just because that way, it's easy for you to get in later?
A weak password is the same thing.
Don't Use A Password Based on Dictionary Words
Recent brute force attacks on WordPress installations have brought attention to the security of passwords based on dictionary words. Adding numbers and replacing characters does not increase the level of sophistication of a password if it is based on a dictionary word.
Brute force attacks use a dictionary of all words, commonly used passwords, and combinations of these words and cycle through those words until they gain access to the account. Any password based on dictionary words is vulnerable. These attacks are scripts run by computers and are able to cycle through thousands of password 'guesses' in a very short time.
TIP: Use a Phrase To Create an Easy-To-Remember Secure Password
- Think of a phrase that is easy for you to remember.
My son's birthday is June 4, 2001 - Take the initials of each word in the phrase to create the password. Or alternatively, use the whole phrase.
msbij/4/2001 OR mysonsbirthdayisjune42001 - THEN, capitalize some letters and add special characters and numbers in a way that makes sense to you. You can even introduce misspellings to make it more secure.
mSbiJ/4/2001 OR mySunzBdayIzJoon*4*2001
Use a Password Strength Checker
Microsoft has a very helpful password security checker to let you see how you've done in your quest to create a secure password.
NOTE: No password is 100% secure. You still must take basic security precautions such as not sharing your password with others, changing it frequently and changing it immediately if you believe it may have been compromised.