Despite repeated warnings from online security experts advising against the use ofeasy-to-crack passwords, it seemssomemany folks still can’t be bothered to think up a more complex string of characters to protect their accounts.
A recent study by the U.K.’s National Cyber Security Center (NCSC) that looked at public databases of breached accounts confirms that for many people, simple passwords are still a thing, with 23.2 million accounts globally using “123456” — the most common string on the list.
Perhaps not surprisingly, second is “123456789,” while others include “password”, “1111111,” and “qwerty.”
The NCSC collaborated with Australian online security expert Troy Hunt — known for hisHave I Been Pwnedsite — to learn more about the kinds of passwords that some people are using to protect their accounts.
You canexplore Hunt’s databaseyourself to find how many times simple passwords (or your own) have showed up in lists of accounts caught up in security breaches. For example, enter “zxcvbnm” (the letters appearing on the bottom row of a keyboard), and you’ll see that the password has showed up in data breaches more than 575,000 times.
On his site, Hunt offers some advice on how you can better protect yourself online. Whilenotusing “123456” as a password would certainly be a good start, Hunt suggests using a password manager app such as 1Password. Digital Trends has an article featuring thebest password manager appscurrently available.
“Making good password choices is the single biggest control consumers have over their own personal security posture,” Hunttoldthe NCSC. “We typically haven’t done a very good job of that either as individuals or as the organizations asking us to register with them.”
He added: “Recognizing the passwords that are most likely to result in a successful account takeover is an important first step in helping people create a more secure online presence.”
