Don't walk the walk when creating passwords
When you're creating a new password in a hurry it's tempting to choose keys that are adjacent to each other on the keyboard. In security circles this is known as a 'walk pattern'.
Of course this is horribly insecure but it's also worryingly common. New research from Specops has analyzed an 800 million password subset of its larger Breached Password Protection database to find the top keyboard walk patterns in compromised password data.
"Keyboard walk patterns are yet another predictable password behavior," says Darren James, senior product manager at Specops Software. "Users are human and are motivated to create passwords that are easy to remember. This research shows us just how common strolling along the keyboard is as a tactic for creating memorable passwords."
The research focuses on three common keyboard types, QWERTY which is prevalent in the Americas and several regions of Europe, AZERTY used in France and Belgium for example, and QWERTZ, common in Germany and central Europe.
The research shows top line walk QWERTY used as a password occurred on the database over a million times. On QWERTZ keyboards QWERT as a password occurs 1.4 million times. AZERTY keyboard users though favor the bottom row combination of XCVBN which occurs in the database over 143,000 times.
"We find keyboard walk patterns in compromised password data because users are human," adds James. "But the danger is that attackers also know this. Any IT team looking to shore up their defenses against this particular prevalent password behavior would be smart to block these specific patterns. Smarter IT teams would go further and make sure to block the use of any known compromised password."
You can read more on the Specops blog.