Not using personal details in passwords
Using personal details in passwords makes them easier to crack. Random words provide greater resilience.
Passwords/passphrases become stronger with randomness. They are harder to brute force and become less susceptible to dictionary attacks.
Personal details decrease randomness. They can be searched for online and if used often enough, make passwords predictable.
Behaviours in SebDB are ranked by their impact on risk. Tier 1 behaviours have the biggest impact, Tier 4 behaviours the least.
http://www.secureaction.com/articles/what-makes-strong-password.shtml https://www.us-cert.gov/ncas/tips/ST04-002 https://www.us-cert.gov/ncas/tips/ST05-012 https://www.consumer.ftc.gov/articles/0017-kids-and-computer-security