Will we EVER learn? The most common passwords of the year are revealed – with ‘password’ and ‘123456’ topping the list yet again
- The company NordPass has released its annual Most Common Passwords report
- ‘123456’ and ‘password’ are still among the most popular passwords in the UK
When it comes to choosing a password, it appears many of us still don’t take security that seriously — especially if streaming films and TV shows.
That’s because new research has revealed that ‘123456’, ‘admin’, ‘password’ and ‘user’ are again among the world’s most popular login phrases.
Not only that, but a third of the world’s most popular passwords consist of purely numerical sequences such as ‘123456789’, ‘12345’, and ‘000000’.
The analysis found that people use the weakest passwords for things like Netflix, Disney+ and Amazon Prime Video, while the strongest logins are reserved for financial accounts.
‘Netflix’, ‘netflix123’, ‘disney123’ and ‘disney2020’ were all among the most commonly used passwords for streaming services, according to password management company NordPass.
Easy to crack: New research has revealed that ‘123456’, ‘admin’, ‘password’ and ‘user’ are again among the world’s most popular login phrases (stock image)
Britain’s favourite passwords: In the UK, both ‘password’ and ‘password1’ were again among the most commonly used this year, according to password management company NordPass
THE MOST COMMON PASSWORDS IN THE UK
‘Apple2020’ ‘Iphone1234’ and ‘Samsung1’ were popular with smartphone users, ‘minecraft’ for gamers and ‘amazon’ for e-commerce websites.
Although financial accounts proved to have the strongest passwords, it should be more than a little concerning that there are people who have chosen the phrases ‘visavisa1’ and ‘paypal123’ to secure them.
Football also remains a common inspiration for internet users’ passwords, according to NordPass.
Its annual Most Common Passwords report revealed that many British people used player and team names for their logins, including ‘Liverpool’, ‘Arsenal’, ‘Chelsea’, ‘Rangers’, as well as simply ‘Football’.
That may not come as much as a surprise.
What is more interesting, however, is that those in the UK rather bizarrely also like to choose passwords relating to animals or mythical creatures, such as ‘monkey’ and ‘dragon’.
Of course, it wouldn’t be a common password list without the word ‘password’ on it.
In the UK, both ‘password’ and ‘password1’ were again among the most commonly used this year, according to NordPass.
‘Qwerty’ – the six characters in the top left of a computer keyboard – was also heavily featured, along with abc123.
Somewhat randomly, ‘cheese’ also appears among the top 20 most common passwords, while ‘letmein’ and ‘killer’ were popular, too.
Perhaps most concerningly, all of the logins featured on the UK list take less than a second to crack, prompting NordPass to warn about the need to better protect accounts from hackers.
It said that rather than internet users improving their password creation habits, this year had seen them go in the other direction by sticking to already pre-configured passwords.
For example, ‘admin’ wasn’t even on the global list in 2022 but has now shot up to the top of the charts in most of the countries surveyed, bar the UK.
Globally it sits at number 2 overall.
Alarming: ‘Admin’ wasn’t even on the global list in 2022 but has now shot up to the top of the charts in most of the countries surveyed, bar the UK
Across the pond: In the US, ‘123456’ was also the most popular login, along with ‘password’
THE TOP 50 MOST COMMON PASSWORDS WORLDWIDE
Rank
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
Password
123456
admin
12345678
123456789
1234
12345
password
123
Aa123456
1234567890
UNKNOWN
1234567
123123
111111
Password
12345678910
000000
admin123
********
user
1111
P@ssw0rd
root
654321
qwerty
Pass@123
******
112233
102030
ubnt
abc123
Aa@123456
abcd1234
1q2w3e4r
123321
err
qwertyuiop
87654321
987654321
Eliska81
123123123
11223344
987654321
demo
12341234
qwerty123
Admin@123
1q2w3e4r5t
11111111
pass
Time to crack it
< 1 Second
< 1 Second
< 1 Second
< 1 Second
< 1 Second
< 1 Second
< 1 Second
< 1 Second
< 1 Second
< 1 Second
17 Minutes
< 1 Second
< 1 Second
< 1 Second
< 1 Second
< 1 Second
< 1 Second
11 Seconds
< 1 Second
1 Second
< 1 Second
< 1 Second
1 Second
< 1 Second
< 1 Second
5 Minutes
< 1 Second
< 1 Second
< 1 Second
1 Second
< 1 Second
11 Seconds
< 1 Second
< 1 Second
< 1 Second
< 1 Second
< 1 Second
< 1 Second
< 1 Second
3 Hours
< 1 Second
< 1 Second
< 1 Second
< 1 Second
< 1 Second
< 1 Second
1 Hour
< 1 Second
< 1 Second
< 1 Second
Number of users
4,524,867
4,008,850
1,371,152
1,213,047
969,811
728,414
710,321
528,086
319,725
302,709
240,377
234,187
224,261
191,392
177,725
172,502
168,653
159,354
152,497
146,233
144,262
135,424
122,834
109,908
109,836
105,505
102,054
100,920
99,612
98,743
94,698
90,414
86,921
86,486
83,206
81,390
79,434
79,310
78,452
75,755
73,033
72,444
69,006
68,140
67,957
67,787
65,258
64,597
63,545
62,169
NordPass said that as many as 70 per cent of the passwords in this year’s global list can be cracked in less than a second.
The company’s independent researchers analysed the use of passwords in some 35 countries worldwide, while also studying how malware attacks can be a huge threat to people’s safety online.
Once someone’s computer gets infected with malware, experts say a person risks losing a vast amount of personal information, including passwords and other credentials saved on the browser.
That is why people should choose stronger passwords that are harder to crack, or use new passkey technology, they added.
Tomas Smalakys, the chief technology officer of NordPass, said: ‘With the terrifying risks password users encounter, alternative methods in online authentication are now essential.
Lax: The analysis found that people use the weakest passwords for things like Netflix, Disney+ and Amazon Prime Video, while the strongest logins are reserved for financial accounts
Hacking threat: The company’s independent researchers analysed the use of passwords in some 35 countries worldwide, while also studying how malware attacks can be a huge threat to people’s safety online (stock image)
‘Passkey technology, considered the most promising innovation to replace passwords, is successfully paving its way, gaining trust among individuals and progressive companies worldwide.
‘Being among the first password managers to offer this technology, we see people are curious to test new things, as long as this helps eliminate the hassle of passwords.’
Cyber security expert Jake Moore said: ‘Poor passwords are often an easy way for hackers to get into accounts and there are tools cyber criminals use to help them gain access such as stuffing password fields with well-used passwords.
‘People often put their passwords on their social media such as their pet names or favourite films, for example.’
He added: ‘The clever use of two factor authentication and robust encryption are a far stronger mix than using the same two or three passwords for all accounts.’
Tips to ensure your passwords are safe
1. Deploy a password manager
Password managers allow you to store all the passwords in end-to-end encrypted digital storage locked with a single keyword for the most convenience. Most password managers have additional features to check passwords’ strength and automatically generate unique passwords. For organizations, they can come in handy when sharing passwords with employees or managing their access.
2. Introduce cybersecurity training
Since simple human mistakes remain the leading cause of data breaches, it is worth investing in cybersecurity training sessions for employees. Starting from the basics might be a good idea given that people have different technology background levels.
3. Enable multi-factor authentication
Known as MFA, it serves as an extra layer of security. It is an authentication method that uses two or more mechanisms to validate the user’s identity – these can be separate apps, security keys, devices, or biometric data.
Source: NordPass
Source: Read Full Article