Do you ever use “123456,” “Admin,” or “Password” as a password for personal or work account? If yes, you are not unfortunately alone and putting yourself and your employer at risk.
Also: 10 Pasaki Survival Tips: Now prepare for your passwordless future
Last Friday published by Security News and Research Outlet Cybernews, A new study More than 19 billion leak passwords show that people still rely on patterns that leave them insecure to attack and compromise.
For the study, Cybenuse saw credentials leaked from 200 different incidents in the last 12 months. Using various cyber intelligence devices, the outlet was able to determine factors such as the length of the password, the character structure and the use of special characters and numbers.
The most common (and lazy) passwords are still in use
Based on analysis, lazy passwords like “1234,” “123456,” “Password,” and “Administrator” are still quite common. Cybenus found “1234” in about 4% passwords, over 727 million. With two additional points, “123456” appeared in 338 million passwords. Both “passwords” and “123456” are both among the most popular passwords since at least 2011.
Too: Why multi-factor certification is absolutely necessary in 2025
One problem is that many systems and products come with default passwords, such as routers with “administrators” as both user names and passwords. Many people never bother to change the lapse, even in a business or industrial environment, leave their accounts and equipment insecure to attack.
Too: 7 Password Rules Safety Experts live in 2025 – final can surprise you
The “Default Password” problem remains one of the most frequent and dangerous patterns in the leaked credentials leaked, “said the information safety researcher of Cybernews, Ninga McGoucito. Entries for ‘Password’ (56 million) and ‘Admin’ (53 million) suggest that users rely on very simple, predicted lapse. Attackers also prioritize them, to make these passwords at least safe. ”
Extensive epidemics
94% of passwords were reused or duplicated, and more than 19 billion passwords were examined, only 1 billion, or 6%, unique and therefore relatively safe.
“We are facing a broad epidemic of reusing weak passwords,” said MaciJuskaitė. “Only 6% of passwords are unique, other users have been left highly weak for dictionary attacks. For most, the security hangs from two-carnational authentication thread-it is capable.”
Beyond normal criminals, other words and words often pop up as passwords. Many people choose a name as their password or at least as part of it. The name “Ana” appeared in 1% leaked password, or 178 million. Pop culture is also a popular subject. Cybenus exposed millions of people with passwords like “Mario,” “Joker,” “Batman,” and “Thor”.
Positive words like “Love,” “Dream,” “Joy,” and “Freedom” were found in millions of passwords. On the other hand, the impure finds its way in the password, with many curse words used by millions of people.
Too: Biometrics vs. Passcods: What a lawyer says if you are worried about warrantless phone discoveries
Other frequently used passwords include countries, cities, American states, food, popular brands, nature, animals and months. In cities, the most popular password is “Rome”. In the animal empire, “lions” and “foxes” are common. Many people choose food or drinks for passwords, such as “tea,” apples, “” rice, “” “and” orange “with top options.
Subsequently, Cybenuse found that many people (42%) use 8- to 10-toar passwords, with eight characters the most popular. This is likely because many online systems passwords do not allow less than eight characters. About 27% use only lowercase letters and numbers, not the uppercase letters or special characters.
Preparation of a weak password or reuse of one is quick and simple – and easy to remember. But at what cost?
Simple and more common passwords, less efforts cyber criminals spend it cracking it. Previous studies have found that some passwords can be cracked in less than a minute. Hackers who capture passwords from a site will try it on other sites. It exposes you, all your accounts and even your company to compromise.
Too: Best Password Manager: Expert Tested
“Weak, reuse on the platform and the prevalence of simple passwords greatly increase the risk of cyber attack,” MaciJuskaitė said. “If you reuse the password in many platforms, a violation in a system can compromise the safety of other accounts, create a domino effect. Even without any compromise, hackers can exploit the general password pattern.”
How to protect yourself and your company in a better way
Password is still necessary and still difficult to make and use, what can you do to save yourself and your company in a better way? Cybernews provides many suggestions.
- Use password manager. Such devices can automatically create a strong password for each account and site you use you can collect and apply.
- Use strong and complex passwords. Make sure you have at least 12 letters in your password and include lowercase and uppercase letters, numbers and at least a special character. Avoid using any normal or recognizable words, names or other wires.
- Enable multi-factor authentication. Set MFA whenever and wherever available. This form of certification provides a second layer of security. Even if your password is stolen, the attacker cannot reach your account without the required MFA code.
- Apply password policies. Organizations should apply policies that require at least 12 characters passwords with a mixture of uppercase and lowercase letters, numbers and special characters.
- Review access control. Organizations should review their access control regularly and run security audit. To reduce the possibility of credentials and data leaks, you are sidelined any weaknesses.
- Monitor for credential leaks. Organizations should use the right tools and technologies to detect leaked credentials in real time. You can then block access to any targeted accounts or require new passwords.
Get top stories of morning with us in your inbox every day Tech Today Newsletter.
