The most frequently hacked passwords, according to a study

Virgin Radio

9 Feb 2022, 12:01

It's Internet Safety Day, and to mark the occasion, here are some passwords you should definitely avoid using.

These days you need a password for pretty much anything you do online, and it can be pretty difficult to remember a new one for everything you sign up for.

Most of us revert to using the same password for most things or, at the very least, have about three or four we use in rotation.

What you choose as your password is quite important, however. Especially as online hackers are getting more and more sophisticated.

Payment solutions company Dojo studied National Cyber Security Centre (NCSC) data on more than 100,000 breached passwords and found the ones you should avoid.

Some of the most frequently breached passwords were those that contained names of pets and terms of endearment. Just below that were people’s names, then animals and food.

Unsurprisingly, passwords that contained an obvious sequence like ‘1234’ or ‘qwerty’ were also among some of the most frequently hacked.

That study highlighted: “These sequences are particularly easy to remember and transcend languages and cultures, making them an incredibly popular password choice worldwide.

“Easy to guess and requiring no personal knowledge, these ones present a huge risk to your online security when selected.”

According to the NCSC data, the five most commonly hacked passwords are:

1. 123456 (23.2 million users)
2. 123456789 (7.7 million users)
3. Qwerty (3.8 million users)
4. Password (3.6 million users)
5. 1111111 (3.1 million users)

Dojo said the best and most secure passwords are those that use a combination of letters, numbers and symbols.

Naveed Islam, Chief Information Security Officer at Dojo, said: "Passwords are the digital keys for just about everything on the Web, from checking emails to online banking.

"The surge in online services has resulted in a proliferation of password usage.

"This has resulted in password fatigue - the feeling experienced by many people who are required to remember an excessive number of passwords as part of their daily routine.

"To cope with password fatigue, people reuse the same password across multiple websites, using simple and predictable password creation strategies. Attackers exploit these well-known coping strategies, leaving individuals vulnerable."

He added: "Using a password manager to create unique passwords and using multi-factor authentication (MFA) across all websites are some of the recommended ways to improve password security and make it difficult for attackers to steal your passwords and access your data.

"Frequently check a breach notification site to see if any of your passwords have been leaked in any data breaches. If it has, change your password for that account immediately."