These constant warnings that passwords must be strong seem to be on deaf ears, as recent reports show that most people still choose the same old, easy-to-guess password combinations we’ve all seen.
Cybersecurity researchers from CyberMessaging (opens in a new tab) recently analyzed 56 million passwords that have been cracked, leaked or hit the wider internet this year to determine patterns.
As it turns out, we still love using the sequence “123456” as a password because it is by far the most common password with 111,417 occurrences. “Admin” is also quite popular, with almost 17,000 entries, followed by “root” and “guest”.
Celebrity names, curse words
According to the study, people love to use different names in their login details. Names of popular soccer teams, surnames, celebrity names, and names of months and days were all used frequently.
It was also found that users used profanity, with one particular profanity racking up nearly 300,000 cases.
One of the problems with weak passwords is that some products come with pre-set passwords, and developers expect end users to replace the factory settings with their own passwords at the earliest opportunity.
In many cases, this never happens, and many applications and endpoints receive easy-to-guess passwords for extended periods of time.
“It’s important that customers don’t rely solely on developers to protect their credentials and personal information by adopting new online security habits, starting with strong password generation and cybersecurity awareness,” said Mantas Sasnauskas, head of security research at Cybernews. . “Since many services are interconnected, even one compromised password can lead to multiple accesses, potential damage, and time-consuming data recovery.”
To eliminate this risk factor, most major tech companies are now creating solutions to replace passwords, such as Apple’s passkey solution.