While most people know better, there are still millions of people around the world who continue to use unsecured passwords for some of their most important accounts. While it’s tempting to pick a password that’s easy to remember, it’s become even easier for hackers to brute force their way into your most important accounts — email, banking, social media — if you’re using an easily guessed combination of letters and/or numbers.
Unfortunately, it seems millions of tech users around the globe continue to use simple passwords in their day-to-day lives, and a new report from the U.K. doesn’t exactly inspire confidence. As reported by the BBC, a recent analysis by the U.K.’s National Cyber Security Centre (NCSC) revealed that millions of breached accounts all used the same easily hackable password.
The NCSC’s report details that “123456” was the most widely-used password on breached accounts. As Shropshire Star points out, the NCSC’s findings were released ahead of the organizations CyberUK 2019 conference, which is set to take place in Glasgow. The event is used to help shape government policy and legislation, as well as steer businesses and the public toward more secure internet practices.
Trailing behind 123456 was a very similar passphrase — 123456789. In third place was “qwerty” — the first six letters which appear on the top row of a standard QWERTY keyboard. The word “password” came in fourth place, with 1111111 coming in fifth. When it comes to passwords based on given names, the most popular were, in order: Ashley, Michael, Daniel, Jessica, and Charlie, as reported by Business Standard.
Millions of people are using easy-to-guess #passwords on sensitive accounts, with "123456" being the most widely-used on breached accounts, suggests a #security study.#CyberSecurity— IANS Tweets (@ians_india) April 21, 2019
Photo: IANS pic.twitter.com/zt527K9V9m
Dr. Ian Levy, technical director for the NCSC, weighed in on the overuse of easily guessable passwords.
“We understand that cybersecurity can feel daunting to a lot of people, but the National Cyber Security Centre has published lots of easily applicable advice to make you much less vulnerable,” Levy explained. “Password re-use is a major risk that can be avoided – nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favourite band.”
“Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password.”
For those who aren’t keen on remembering lengthy phrases or words, password managers have become a go-to for those looking for a balance between security and ease of use. Password managers store all your important passwords in a digital vault, with the user only needing to remember one password to gain access to the rest of them.