The passwords most likely to get you hacked
Even as we shift to other forms of authentication, passwords aren't going away anytime soon. New research from Peec AI has analyzed over 100 million leaked passwords to uncover the most common words and phrases used, which also of course are the ones most likely to get your account compromised.
There are some interesting findings. Names are still a popular choice with ‘Michael’ one of the most commonly used as a password, included in 107,678 of those analyzed. ‘Daniel’ is the second most used name, with a count of 99,399 passwords. Other popular choices include ‘Ashley’, ‘Jessica’, ‘Charlie’, ‘Jordan’ and ‘Michelle’.
Alarmingly ‘123456’ was found in over six million passwords. ‘123456789’ is the second most popular number combination, featuring in 2,258,198 passwords -- because three extra digits will really fool the hackers, right? -- followed by ‘111111’, which was used 968,155 times.
In addition ‘password’ with 946,935 appearances and ‘qwerty’ with 878,496 are also still depressingly common.
See also:
Google releases Password Manager app
Nearly half of Americans still reuse passwords despite phishing risks
Gen Z know the risks but still reuse passwords
Sports teams are a common theme too with ‘Liverpool’ the most used team, featured in 70,317 passwords, followed by ‘Chelsea’ featuring in 55,834 passwords. Sports themselves feature with ‘Football’ (107,169), ‘Baseball’ (82,574) and ‘Soccer’ (79,735) the top three.
Bands and musicians are also popular, the study finds ‘blink-182’ (84,545), ‘50 Cent’ (55,897) and ‘Eminem’ (43,344) topping the list. Fictional characters feature too, ‘Superman’ (86,937), ‘Batman’ (52,388) and ‘Wall-e’ (48,288) being top choices.
Malte Landwehr, CMO of Peec AI, offers some tips on staying safe:
Attackers often use dictionaries and lists of common passwords in their attempts to crack passwords, so it's important to make yours as difficult as possible to guess. Changing your passwords regularly is a great way of adding an extra layer of security.
You should aim for a password that is at least 12 characters long, as long passwords are generally more secure, and include a combination of uppercase and lowercase letters, numbers, and special characters, such as ., !, @, #, $, %. Also, try to mix up letters, numbers, and symbols that do not follow predictable patterns, such as ‘12345’ or ‘qwerty’.
Hackers can easily guess personal information, such as names, birthdays, family members, pets, or hobbies that are publicly available, so it’s best to create passwords that don’t relate to you.
One final piece of advice is to avoid using the same password for multiple accounts, because if a hacker guesses your password on one platform, they will likely attempt it on all your other active platforms.
It can be difficult to keep track of long, complex passwords – with special characters, uppercase letters, and more -- but password managers can help. They store (and even generate) secure passwords for each of your accounts, making it much easier to manage and remember multiple strong passwords.
Enabling Multi-Factor Authentication (MFA) is also advised, as it adds an extra layer of protection by requiring a second method of verification, such as a temporary code texted to your phone or a mobile authenticator app (such as Google Authenticator or Authy). With an MFA in place, even if someone has your password, they won’t be able to access your account without that second layer of verification – so make sure you use it especially for your email, bank, and social media accounts.
Do you have any favorite password tips? Share them in the comments.
Image credit: designer491/depositphotos.com