0

These passwords may win the popularity contest but lose flat out in security. Tomas Foltyn, the Security Writer at ESET, lists out the worst passwords of 2019

Year after year, analyses show that millions of people make, to put it mildly, questionable choices when it comes to the passwords they use to protect their accounts. And fresh statistics for the year that is drawing to a close confirm that bad habits do die hard and many people willingly put themselves in the firing line of account-takeover attacks.

Drawing on an analysis of a total of 500 million passwords that were leaked in various data breaches in 2019, NordPass found that ‘12345’, ‘123456’ and ‘123456789’ reigned supreme in order of frequency. Between them, these numerical strings were used to ‘secure’ a total of 6.3 million accounts. It doesn’t get much more optimistic further down the list, however, as these three choices were followed by ‘test1’ and, the one and only, ‘password’.

Somewhat predictably, the chart is overall replete with many usual suspects among the most common passwords – think ‘asdf’, ‘qwerty’, ‘iloveyou’ and various other stalwart choices. Other supremely hackable passwords – including simple numerical strings, common names, and rows of keys – also abound. Much the same picture is painted annually by SplashData’s lists of the most-used passwords, such as last yearthe year before that, and so on.

The entire list of the 200 most popular passwords is available in NordPass’ blog post, but here’s at least the top 25. Let that sink in.

RankPassword
112345
2123456
3123456789
4test1
5password
612345678
7zinch
8g_czechout
9asdf
10qwerty
111234567890
121234567
13Aa123456.
14iloveyou
151234
16abc123
17111111
18123123
19dubsmash
20test
21princess
22qwertyuiop
23sunshine
24BvtTest123
2511111

Eerily familiar?
If you recognize any of the above as your own, then fixing your passwords is almost certainly one of the things that deserve a place on your laundry list of New Year’s resolutions. For starters, fixing here means not having the exact same idea as millions of other people when you’re signing up to a service and are asked to create your password.

One way to go about this is opt for a passphrase, which, if done right, is generally a tougher nut to crack as well as easier to remember. The latter is especially useful if you don’t use password management software, which, somewhat unsurprisingly, has been shown to benefit both password strength and uniqueness. Yes, that passphrase should, of course, be unique for each of your online accounts, as recycling your passwords across various services is tantamount to asking for trouble.

You may also want to watch out for password leaks. There are a number of services these days where you can check if your login credentials may have been caught up in a known breach. Some of them even offer you the option to sign up for alerts if your login information is compromised in a breach.

In fact, as ours is an era where login data are compromised by the millions, why settle for one line of defense if you can have two? At the risk of repeating ourselves, two-factor authentication is a highly valuable way to add an additional layer of security to online accounts on top of your password.

UL Supports Businesses in the Region to Manage Cybersecurity Risks

Previous article

How Technology is Enabling Sustainable Development

Next article

You may also like

Comments

Leave a reply

Your email address will not be published. Required fields are marked *