5 reasons not to use emoji in your password

Emoji (emoticons) overcome cultural and language barriers. They have become part of the Internet vocabulary and everyday communication, and are so ingrained in our language that people have started using them in passwords.

Unfortunately, that's not a good idea and here are 5 reasons why.

1. You may be locked out

Have you ever actually tried using emojis in your password? If yes, you know that some platforms allow emojis while others do not. This is not a big problem. However, even if you can create an account somewhere with an emoji-based password, you still might not be able to log in, especially if they change the password rules. You'll most likely encounter compatibility issues or the site you're trying to use can't handle emoji passwords properly.

2. Predictability

When it comes to passwords, people tend to favor common phrases and easy-to-guess combinations of numbers. In fact, according to NordPass research, the most popular password in the world is "123456", while phrases like "admin" and "password" are in the top 10. If people start using emoji in their password, it can be assumed that they will use the most common emojis, making their password easy to crack.

5 reasons not to use emoji in your password Picture 1 5 reasons not to use emoji in your password Picture 1

3. Cross-platform issues

Emoji are part of the Unicode standard and are the same across all platforms and operating systems. However, you may notice that they look different depending on your operating system. And because their appearance is different, you may have difficulty using the correct password. If you enter the wrong password too many times, you will have to verify your account again or worse, it may be locked.

4. Inconvenient

In addition to potential security issues, there is also inconvenience. If all you ever use is your smartphone, perhaps using an emoji-based password won't be too inconvenient. But have you ever tried sending emoji to someone on your computer? For example, if you have a Windows computer, you must enable emoji support through ViVeTool. It's certainly more convenient to just use letters and numbers on your keyboard.

5. There is a risk of Shoulder Surfing

Your smartphone keyboard may display the most recently used emojis right at the top. Having this information available puts you at risk of Shoulder Surfing (a technique of collecting passwords by looking over someone's shoulder as they log into the system). As the term suggests, this is a type of cyberattack in which the perpetrator monitors the target's device screen to obtain sensitive information. Not that using a regular password will make you invulnerable to a Shoulder Surfing attack, but it's certainly easier to remember an emoji combination than something like "us1nFzP!qR".

How to create a strong password that doesn't include emojis

5 reasons not to use emoji in your password Picture 2 5 reasons not to use emoji in your password Picture 2

You don't need emojis to create strong passwords. What you need are letters, numbers and special characters. Or rather, you need to combine those 3 elements. Password strength or password entropy can be measured. The more complex the password, the harder it is to crack.

The problem with complex passwords is that they can be difficult to remember. This is why you should use a password manager, specialized software designed to store and manage passwords. Password managers are easy to use, and many of them have free versions available.

Another mechanism you should consider is two-factor authentication. When two-factor authentication is enabled (now available in most apps), you'll need to confirm your identity by entering a temporary code or using a dedicated app.