Millions of people still use 123456 as their password

[midian182]

Facepalm: In today’s digital age where most consumers know their modems from their motherboards, one might imagine that the quality of people’s passwords has improved. But a recent study shows that isn’t the case, with terrible, easy-to-guess passwords still being used by millions.

The report by the UK's National Cyber Security Centre (NCSC) analyzed passwords found in public databases of breached accounts to find out popular words, phrases, and strings. It appears that the worst password of 2018—123456—remains the most popular, appearing in more than 23 million passwords.

The second-most popular string was the equally bad 123456789, while the other top five entries include "qwerty," "password," and 1111111.

People’s names are still commonly used as passwords, the most popular being Ashley, followed by Michael, Daniel, Jessica and Charlie. And when it comes to using band names, Blink182 is the most common, followed by 50cent. Superman, meanwhile, is the most popular fictional character name used as a password.

The report was put together in collaboration with Troy Hunt, the Australian security researcher responsible for the Have I Been Pwned website, which reveals if your email addresses or passwords appear in data breaches.

Most users know that it’s inadvisable to reuse the same credentials across multiple websites—even Mark Zuckerberg is thought to have been guilty of this practice in the past. Remembering multiple passwords isn’t easy, of course, so the best solution is to use a password manager such as LastPass. It’s also advisable to enable two-factor authentication wherever possible, but the most important thing is to not use terrible passwords.

“Making good password choices is the single biggest control consumers have over their own personal security posture. We typically haven’t done a very good job of that either as individuals or as the organisations asking us to register with them,” said Hunt.

“Recognizing the passwords that are most likely to result in a successful account takeover is an important first step in helping people create a more secure online presence.”

Permalink to story.

https://www.techspot.com/news/79747-millions-people-use-123456-their-password.html

 

[Uncle Al]

And they wonder why there is so much hacking ......

 

[netman]

The people who use such passwords should not open accounts in the first place or they should quit internet for good....

 

[elementalSG]

One, two, three, four, five, six? That's amazing! I've got the same combination on my luggage!

 

[Misagt]

You know this really makes me feel better about myself. I some times worry that my 12-16 passwords aren't good enough. The answer is yes they are.

 

[Michael Lindo]

Why do websites allow people to use such passwords in the first place?? They can tell me if I have not used a capital letter, numbers, or symbols, so why do they still allow people to use such blindingly obvious passwords???

 

[Lionvibez]

So millions are lazy and don't care about their online security might as well just walk around with a shirt that says hack me here is all my info.

 

[QuantumPhysics]

My daily internet use hosts demand I use a Capital letter, at least one number and at least one special mark.

 

[JamesJamesJames]

It's so much easier to just use a password manager for all these throwaway accounts... It's even easier than using a crap password for all the pointless account creation requests.

 

[fktech]

Paper trails can't be hacked.

 

[Badvok]

There are still so many sites that insist on you having an account with them just so they can spam you. It is hardly surprising that people don't bother with secure passwords, what's the potential loss? Less spam cluttering up your junk email folder?