Millions using 123456 as password, security study findings


Jurgen Klopp and Jordan HendersonImage copyright

Image subtitle

Liverpool FC led the list of Premier League club names used as passwords

Millions of people are using passwords that are easy to guess in private accounts, a study suggests.

The analysis by the National Center for Cybernetic Security of the United Kingdom (NCSC) found that 123456 was the most commonly used password in violated accounts.

The study helped to uncover the gaps in cyber-knowledge that could leave people at risk of being exploited.

The NCSC said people should write three random but memorable words to use as a strong password.

Sensitive data

In its first cybernetic survey, the NCSC analyzed public databases of violated accounts to see what words, phrases, and strings people used.

The top of the list was 123456, appearing in more than 23 million passwords. The second most popular string, 123456789, was not much harder to decipher, while others in the top five included "qwerty", "password" and 1111111.

The most common name to use in passwords was Ashley, followed by Michael, Daniel, Jessica and Charlie.

When it comes to Premier League football teams in unlikely passwords, Liverpool are champions and Chelsea are second. Blink-182 topped the charts.

People who use known words or names for a password put themselves at risk of being hacked, said Dr. Ian Levy, NCSC's chief technical officer.

"No one should protect confidential data with anything that can be guessed, such as your first name, local football team or favorite band," he said.

Difficult to guess

The NCSC study also questioned people about their habits and fears of safety.

The researchers found that 42% expect to lose money with online scams and only 15% said they felt confident that they knew enough to protect themselves online.

It was found that less than half of respondents used a separate, hard-to-guess password for their primary email account.

Security expert Troy Hunt, who maintains a database of hacked account data, said choosing a good password was people's "greatest individual control" of online security.

"We have not usually done a good job as individuals or as organizations asking us to register," he said.

Letting people know which passwords have been widely used should lead users to make better choices, he said.

The research was published ahead of the NCSC Cyber ​​UK conference, which will be held in Glasgow from 24 to 25 April.


Source link