Combining poor cybersecurity practices with unoriginality, “password” has officially become the most commonly used password globally, despite the fact it takes less than a second to be cracked, according to a recent report published by the VPN provider, NordPass.
In the US, while weak passwords such as “password” and “12345” also made the top three, our cyber due diligence remains slightly stronger than the global average, with “guest” — a password that takes ten seconds to crack — sitting at the top spot.
However, despite minor improvements from 2021, due in part to the growing adaptation of tools like password managers, the results of this survey reveal that we still have a lot to learn about password security. Read on to see how your password compares to the world’s most commonly used codes.
Which Passwords Are We Using the Most?
A year has passed since NordPass revealed that “123456” was the most commonly used password of 2021, and it seems like we still have a lot to learn.
After researching the password habits of individuals in over 30 countries, a new survey by NordPass reveals that “password” has overtaken last year’s victor, with the code being used by almost 5 million users globally. “123456” and “123456789” currently sit in the second and third positions, with the codes being used 1,523,537 and 413,056 times respectively.
Other notable mentions include “iloveyou” which ranked in 43rd place and “football” at number 73. Also, just like in NordPass’s previous research, pop culture was shown to massively influence the prevalence of certain passcodes, with the codes “batman”, “euphoria” and “encanto” witnessing a surge of use over the past year.
Fortunately, password habits within the US seem to be slightly more secure than the global average, with the harder-to-crack password “guest” being our most commonly used code, with a user count of 127,861. Other stronger passwords include “unknown” at number 14, which takes an average of 17 minutes to crack, and “g_czechout” which, impressively, takes 12 days to crack.
Poor Passwords Can Have Costly Consequences
We get it, creating and remembering long, complex passwords can be a pain. However, the events of recent years have shown the alternative to using a strong code can be much, much worse.
Weak passwords continue to be the first port of call for cybercriminals looking to gain access to accounts, with over 80% of US cyber attacks resulting from poor password negligence. And as individuals and businesses continue to use inadequate forms of protection, password attacks are only on the rise – with 921 instances taking place each second according to research from Microsoft.
Some of these instances are very high profile, too. In September the databases of InterContinental Hotels, the US hotel chain home to major names like Crowne Plaza and Holiday Inn, were hacked by a Vietnamese couple using the password “Qwerty1234”. Fortunately for the chain, the criminals’ ransomware attempts were not successful, but they did resort to wiping the company’s hard drive instead.
In a similar instance and around the same time, the US business and media publication FastCompany fell victim to a password attack. Hackers were able to breach the system, using the generic password “pizza123” before modifying articles to include offensive content.
In the long run, getting rid of passwords might be the best solution. Until then, there are just a few steps you need to take to avoid the same fate as these companies.
How to Upgrade Your Password Security
Tedious as it may be, vamping up your password security is pretty straightforward. According to NordPass, using a long and complex password containing at least 12 characters and a variety of cases, letters, numbers, and symbols is the most effective way to bolster your first line of defense.
NordPass also recommends coming up with a unique password for each account, checking which accounts you aren’t able to access, and assessing the strengths of your passwords on an ongoing basis.
Maintaining good password health doesn’t need to be a headache — by using a password manager, you’re able to generate strong, uncrackable passwords automatically and save them all in one easy-to-access location. Check out our guide to the best password managers to find a solution that works for your business.
Local Storage Option | Two-Factor Authentication | Failsafe Function | Password Generator Function A password manager can create secure, complex passwords for you. You won't need to remember them yourself. | Help Instructions | Email Support | Live Chat Support | Phone Support | Price | Business Plan? | Business Price Cheapest available business plan | Click to Try | ||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
FEATURED | TOP PICK | ||||||||||||
NordPass | LastPass | Dashlane | Sticky Password | ||||||||||
| | | | | |||||||||
| | | | | |||||||||
| | | | | |||||||||
| | | | | |||||||||
| | | | | |||||||||
| | | | | |||||||||
| | | | | |||||||||
| | | | | |||||||||
$1.69/month | $2.40/month | $8 per user/month | $19.99 per year | ||||||||||
| | | | | |||||||||
$19.95/10 users | $2.51 user/month | $3.20/user/month | $60/user | $29.99/user/year | |||||||||
Try 1Password | Try NordPass | Try LastPass | Try Dashlane | Sticky Password |