Most-hacked password

123456

DON’T USE IT!

It is THE most-hacked password in the world.

23.2 million victim accounts worldwide used 123456 as password.  This is a staggering fact from the National Cyber Security Centre.  And proof, if you needed any, that more complex password are needed to keep your valuable data safe.

The top ten most common passwords are listed below:

  1. 123456
  2. 123456789
  3. qwerty
  4. password
  5. 111111
  6. 12345678
  7. abc123
  8. 1234567
  9. password1
  10. 12345

If you see a password that you use in this list, you should change it immediately!

Other popular passwords include names and football teams.  Andrew is listed as number 11 of the 20 most commonly names used as passwords in breaches!  The top name is Ashley, followed by Michael, Daniel, Jessica and Charlie.  Liverpool is the top football team, following by Chelsea, Arsenal, ManUtd and Everton.

Nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favourite band.   Other passwords to avoid are anything from the following 20 categories, which are the most-hacked password categories, according to a recent study:

    1. Pet names/terms of endearment
    2. Names
    3. Animals
    4. Emotions
    5. Food
    6. Colours
    7. Swear words
    8. Actions
    9. Family members
    10. Car brands
    11. Cities
    12. Brands
    13. Countries
    14. Sports
    15. Religions
    16. Hobbies
    17. Weather
    18. Drinks
    19. Social media platforms
    20. Star signs

Password re-use is another major risk that can be avoided.

Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words, or a “pass-phrase” to make it easier for you to remember.

But be creative and use words memorable to you, so people can’t guess your password.

If you’re worried about how you’re going to remember lots of different, and stronger, passwords for all your different accounts, see our recent news article about using Password Managers.

If you want to test a password you are thinking of using, the NCSC recommend entering it into Have I Been Pwned, and see what comes up.

For more help and advice on anything relating to security online, give us a call (0114 287 0510), or email us (info@datamills.co.uk)

Share this: