A recent round of research has once again revealed that many of us are still absolutely terrible at creating a strong password.

This includes a new report from password manager Nordpass, which examined a database totaling more than 3TB of compromised passwords spanning users in 30 countries to reveal the top 200 passwords( opens in a new tab), ordering the entries according to the number of instances. found. , how easy they were to break, as well as popularity by country and, if possible, by genre.

Unsurprisingly, Nordpass found that “password” is still the top choice, with “12345” ranking second globally.

The rest of the list is largely made up of other variations of letters and numbers that don't just stick together randomly, with "quertyuiop" (the top row of letters on most English keyboards), ranking at number 36 overall.

Head-to-head comparisons of the Nordpass data show that neither sex is more safety conscious than the other, they just make bad decisions differently.

For example, in a comparison of the top ten passwords in the UK, men largely choose football team names ("liverpool", "arsenal" and "chelsea" ranked fifth, sixth and eighth respectively). between them), while women chose names (“charlie”, ranked third), places (“london”, seventh) or other peripheral names (“chocolate” and “monkey”, eighth and ninth).

A separate study (opens in a new tab) by password management company Specops Software, which analyzes more than 800 million compromised passwords, also reveals that the ongoing FIFA World Cup is affecting password choices, users opt for international team names, past and present players. and other relevant but common terms.

For example, there have been more than 1,3 million occurrences of "USA" as a password, while "kane", for England star Harry Kane, has appeared more than 133 times, and even "soccer" has appeared. more than 000 times.

Looking at the Specops data taking into account the Nordpass gender split, this may well offer some insight into the password choices made primarily by male users.

Also covering the Nordpass report, 9to5Google (opens in a new tab) found that people have even resorted to using their phone manufacturer's name as their password.

Currently, “samsung” ranks 78th most popular passwords in the world and “googledummy” ranks 145th. spelling problem for the huge number of people who swear by the best Android, Samsung and iPhone.

Secure all your data

If you can pick your password from a dictionary, atlas, other reference book, or read it on a keyboard, that's a bad password, because it will only take seconds, minutes, or hours for a malicious actor to crack it. , giving them unlimited access to sensitive data.

Passwords must be unique to you, if not completely randomized by a password generator and stored in an accredited administrator.

Consumers should also consider the industry-leading Passkeys biometric authentication standard, currently built into Apple devices and implemented for other platforms by Google and 1Password. At the time of writing, these alternatives are in open beta and are expected to arrive in 2023, respectively.

While TechRadar Pro readers are less likely to make common mistakes when protecting their company's tech stack, it raises uncomfortable questions about consumer security habits and how word-of-mouth might affect what happens employees choose for themselves. when they have a choice.

Organizations should also consider multi-factor authentication as part of a Zero Trust security strategy, eliminating passwords entirely while maintaining security.

Share This