The most popular, used by more than 2.5 million users, was “123456.” Other variations that extend or shorten the same sequence make up half of the 10 most common passwords of the year, according to l ‘investigation, almost all of which would take less than a second to crack and have been violated millions of times. “123456” has been raped over 23.5 million times.
NordPass’s survey of the 200 most common passwords, compiled in partnership with a third-party data breach research company, found that of the millions of passwords assessed, some 152.8 million passwords were incredibly easy to crack and shared by tens of thousands. other accounts. Less than 122.9 million were considered unique.
“Picture1”, used by over 371,600 accounts, was a rare new entry at number three. Just behind it was “password” with over 360,400 users. Other easy-to-guess top 20 access codes include: “qwerty”, “1234”, “iloveyou” and “password1”.
But also to list common passwords were combinations like “aaron431”, “zxcvbnm” – look at the sequence of letters at the bottom of your keyboard – and “x4ivygA51F”. “Ashley” was one of the most common name-based passwords, shared with over 52,000 other users.
While most of the passwords on the list could be cracked in less than a second, a few would take a few days; “Jobandtalent” would take three years to crack, according to NordPass.
NordPass cybersecurity expert Chad Hammond suggested changing your password if it appears in the top 200 list.
The password management company said that despite recalls from cybersecurity experts, it was clear that not only are people still using rudimentary passwords, but they are not changing them either. Of the 200 most common passwords for 2020, only 78 were new to the list as of 2019.
Hammond warned that a weak password can be used for “credential stuffing attacks,” where breached logins are used to gain unauthorized access to user accounts.
“If you are the victim of a credential jamming attack, you may lose your Facebook or other important account with all of its content. Additionally, your email address could be used for phishing attacks or to rip off your family and friends, who might very well fall in love there, because the email will supposedly come from you, ”Hammond said in a commentary. communicated.
Here are some suggestions for strengthening your password:
use complex, long and unique passwords
store them in a password manager
use two-factor authentication when possible
delete old unused accounts and regularly check active accounts for any suspicious activity