Each time there is an article about password security, I say the same thing ;-)<p>"soccer123" is a secure password.<p>Or at least, it ought to be, in most cases. The reason that 99% of the time it isn't is because bad security practices are implemented that don't lock users out temporarily after around 4 or 5 attempts, don't use captchas after the first 2 attempts, etc.<p>Nowadays it really ought to be impossible (unless you have access to the database, of course, in which case you have other problems) to brute force passwords. But then again, developers (including myself) are lazy :-)