Is Your Password Secure? New Report Finds The 100,000 Most At Risk Passwords

The UK’s National Cyber Security Centre has released a list of high-risk passwords, which contains 100,000 of the most commonly used passwords that hackers are already aware of.

Many people have their accounts hacked and wonder how this could happen to them, however, they rarely consider that their password was not strong enough to protect their sensitive data. The UK’s National Cyber Security Centre (NCSC) has released a breach report, which found that 23.2 million hacked accounts around the world used ‘123456’ as their password. While the NCSC suggests that you use 3 random words as a password, most users chose to use ‘123456’ (23.2 million), ‘123456789’ (7.7 million), ‘qwerty’ (3.8 million), ‘password’ (3.6million), and ‘111111’ (3.1 million). Other passwords people used were ‘12345678’, ‘1234567’, ‘password1’, and ‘12345’. The entire list has been shared by the NCSC with the hope that users will create stronger passwords to protect their sensitive data. Many of the top 50 most popular passwords, almost all of which are used by over 500,000 users around the world, are based on basic ideas, such as a series of numbers or the same number repeated numerous times. ‘iloveyou’, ‘dragon’ and ‘monkey’ were passwords that ranked in the top 20 most used. Names also proved to be a common trend in the report, with hundreds of thousands of users choosing to use a single name as their password. Both ‘ashley’ and ‘michael’ are used by over 400,000 users and ‘daniel’, ‘jessica’ and ‘charlie’ are each used over 300,000 times. A users favourite band is also a popular choice of password, with 285,706 users choosing ‘blink182′ as their password, making the band the most commonly selected music related password. Other artists such as ’50cent’, ’eminem’, ‘metallica’ and ‘slipknot’ are all used over 140,000 times.

Another common theme amongst the most regularly used passwords were sports teams, with ‘liverpool’ being one of the most popular sports-themed passwords, with 280,723 people using it. Other popular football clubs are ‘chelsea’, ‘arsenel’ ‘manutd’ and ‘everton’. People who use their favourite sports team as their password could find themselves the victim of a hack, as many sports fans talk about their favourite team on social media, therefore it may be relatively simple for a cybercriminal to discover this information on Twitter or Facebook in an effort to access an account. “Password re-use is a major risk that can be avoided – nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favourite band,” said Dr Ian Levy, NCSC’s Technical Director “Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password.” “Recognising the passwords that are most likely to result in a successful account takeover is an important first step in helping people create a more secure online presence,” he added.  

Creating an effective password is often the first step in protecting your business’ sensitive data. It is essential that user’s passwords are not shared with others and are unique to the individual. With password security in mind, many businesses are adopting Multi-Factor Authentication to ensure their employee’s accounts remain secure. Multi-Factor Authentication encourages a layered approach to security, which requires the user to provide multiple authentication factors before accessing their accounts, this ensures your data will remain secure, even if a hacker gains access to your password, it is useless without the remaining authentication factors.

With hackers continuously discovering modern and sophisticated methods to infiltrate accounts and obtain sensitive data, it is essential that businesses are aware of their vulnerabilities to ensure that they are secure. Our TechSecure Audits can help your business become more secure and reduce the likelihood of a breach in security.

To learn more about how partnering with HCS Business Solutions can secure your business, contact our expert team!