RPM reported net profit of Dh49.39 million during 2023
business2 hours ago
Year after year, analyses show that millions of people make, to put it mildly, questionable choices when it comes to the passwords they use to protect their accounts. And fresh statistics for the year that is drawing to a close confirm that bad habits do die hard and many people willingly put themselves in the firing line of account-takeover attacks.
Drawing on an analysis of a total of 500 million passwords that were leaked in various data breaches in 2019, NordPass found that '12345', '123456' and '123456789' reigned supreme in order of frequency. Between them, these numerical strings were used to 'secure' a total of 6.3 million accounts. It doesn't get much more optimistic further down the list, however, as these three choices were followed by 'test1' and, the one and only, 'password'.
Somewhat predictably, the chart is overall replete with many usual suspects among the most common passwords - think 'asdf', 'qwerty', 'iloveyou' and various other stalwart choices. Other supremely hackable passwords - including simple numerical strings, common names, and rows of keys - also abound. Much the same picture is painted annually by SplashData's lists of the most-used passwords, such as last year, the year before that, and so on.
The entire list of the 200 most popular passwords is available in NordPass' blog post, but here's at least the top 25. Let these sink in:
1-12345
2-123456
3-123456789
4-test1
5-password
6-12345678
7-zinch
8-g_czechout
9-asdf
10-qwerty
11-1234567890
12-1234567
13-Aa123456.
14-iloveyou
15-1234
16-abc123
17-111111
18-123123
19-dubsmash
20-test
21-princess
22-qwertyuiop
23-sunshine
24-BvtTest123
25-11111
Eerily familiar?
If you recognise any of the above as your own, then fixing your passwords is almost certainly one of the things that deserve a place on your laundry list of New Year's resolutions. For starters, fixing here means not having the exact same idea as millions of other people when you're signing up to a service and are asked to create your password.
One way to go about this is opt for a passphrase, which, if done right, is generally a tougher nut to crack as well as easier to remember. The latter is especially useful if you don't use password management software, which, somewhat unsurprisingly, has been shown to benefit both password strength and uniqueness. Yes, that passphrase should, of course, be unique for each of your online accounts, as recycling your passwords across various services is tantamount to asking for trouble.
You may also want to watch out for password leaks. There are a number of services these days where you can check if your login credentials may have been caught up in a known breach. Some of them even offer you the option to sign up for alerts if your login information is compromised in a breach.
In fact, as ours is an era where login data are compromised by the millions, why settle for one line of defence if you can have two? At the risk of repeating ourselves, two-factor authentication is a highly valuable way to add an additional layer of security to online accounts on top of your password.
- Tomas Foltyn is a security writer at Eset. Views expressed are his own and do not the newspaper's policy.
RPM reported net profit of Dh49.39 million during 2023
business2 hours ago
Emerging economies’ bloc ditches greenback in $260b worth trade
economy2 hours ago
National security spokesperson to continue pressing for a temporary ceasefire that Washington wants to last for at least six weeks
mena2 hours ago
It was RCB's third win — and second in a row — in 10 matches so far this season, keeping their slim hopes of reaching the playoffs alive
cricket2 hours ago
Offshoring business operations to captive centres has proven to be a cost-effective and efficient strategy
realty2 hours ago
Tourism minister Ahmed Al Khateeb says all the kingdom's projects are far away from the conflict
mena2 hours ago
A wave of exceptionally hot weather has blasted the region over the past week, sending the mercury as high as 45 degrees Celsius
asia2 hours ago
This was following a Reuters report that some senior US officials did not find Israel's assurances credible
world2 hours ago