The UK’s National Cyber Security Centre has published a global password risk list containing 100,000 of the most commonly re-occurring passwords that are already known to hackers.
We hear of email or social media accounts being hacked every single day, and blame tech companies for their inability to keep us safe. But we rarely think about how weak people’s passwords really are. A recent breach analysis from the UK’s National Cyber Security Centre (NCSC) found that 23.2 million hacked accounts around the world used “123456” as password. Now, who do you blame?
While the NCSC suggests that you use 3 random words as a password, most users prefer 123456 (23.2 million), 123456789 (7.7 million), qwerty (3.8 million), password (3.6 million), and 111111 (3.1 million). Runners up are 12345678, abc123, 1234567, password1, and 12345. You can view the full list of passwords here.
The passwords are already in the public domain and have been sold or shared by hackers, so make sure yours is not one of them. You can also go to Have I Been Pwned, a website run by international web security expert Troy Hunt, to check if one of your accounts has been compromised in a data breach.
The NCSC explains “Password re-use is a major risk that can be avoided – nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favourite band.”